frontend-design
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): While the skill uses terms like 'CRITICAL' and 'IMPORTANT', these are used to emphasize design quality and aesthetic consistency. There are no attempts to bypass AI safety filters or override system instructions.
- [Data Exposure & Exfiltration] (SAFE): No sensitive file paths, hardcoded credentials, or network operations were detected.
- [External Downloads / RCE] (SAFE): No remote scripts or unverified package installations are present. The mention of 'Motion library' is a common architectural suggestion for React developers.
- [Indirect Prompt Injection] (LOW): The skill possesses a surface for indirect injection as it processes user requirements. Ingestion points: User-provided frontend requirements described in the prompt. Boundary markers: Absent. Capability inventory: Generates frontend code (HTML, CSS, JS, React, Vue) but lacks server-side execution, file-write, or network capabilities. Sanitization: Absent. The risk is considered low because the skill does not have access to sensitive system resources.
Audit Metadata