add-ui
Pass
Audited by Gen Agent Trust Hub on Apr 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill provides structured instructions for UI generation, focusing on maintainability and adherence to existing project patterns.
- [EXTERNAL_DOWNLOADS]: The skill references official documentation for well-known developer resources including shadcn/ui, Tailwind CSS, and TanStack. These are handled as neutral, legitimate external links.
- [COMMAND_EXECUTION]: The skill instructions involve modifying project files and potentially using CLI tools like npx for standard development tasks.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its core function of processing user requests into generated code.
- Ingestion points: User-supplied input in the [request] argument.
- Boundary markers: None specified in the instructions.
- Capability inventory: File system access to write and integrate source code.
- Sanitization: No validation or escaping of the user-provided request string.
Audit Metadata