flutter-design
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- PROMPT_INJECTION (SAFE): No instructional patterns designed to bypass safety filters or override system instructions were found. The skill uses standard instructional language for technical documentation.\n- DATA_EXFILTRATION (SAFE): No hardcoded credentials, sensitive file path access, or exfiltration patterns were detected. Code examples use local context or placeholder values.\n- REMOTE_CODE_EXECUTION (SAFE): No mechanisms for downloading or executing remote code or scripts were identified. There is no use of eval(), exec(), or subprocess calls.\n- EXTERNAL_DOWNLOADS (SAFE): No external package installations or binary downloads are present in the provided files.\n- INDIRECT_PROMPT_INJECTION (SAFE): The skill serves as a static code reference. While it contains UI templates that could display data (e.g., NetworkImage), it does not ingest or process untrusted runtime data directly.\n
- Ingestion points: Snippet in
widgets.mdincludes animageUrlvariable for aNetworkImagewidget.\n - Boundary markers: Not applicable as the skill provides static code snippets for an agent to use during development assistance.\n
- Capability inventory: No executable capabilities or system-level access provided.\n
- Sanitization: The skill assumes standard framework-level sanitization for Flutter widgets.
Audit Metadata