skills/apconw/aix-db/ui-ux-pro-max/Gen Agent Trust Hub

ui-ux-pro-max

Warn

Audited by Gen Agent Trust Hub on Feb 26, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a Python script located within the skill's hidden directory ('.trae/skills/ui-ux-pro-max/scripts/search.py') to fetch UI components and styles. It also includes commands to install Python using 'sudo apt', which is a privilege escalation method for environment configuration.
  • [EXTERNAL_DOWNLOADS]: The skill directs the agent to download and install Python 3 via well-known package managers (Homebrew, APT, Winget). These are considered trusted services.
  • [PROMPT_INJECTION]: The skill uses output from 'search.py' to inform its design decisions, creating an indirect prompt injection surface.
      • Ingestion points: Data retrieved from 'search.py' across various domains (product, style, typography, etc.) is integrated into the agent's planning and implementation steps.
      • Boundary markers: There are no explicit instructions to treat the script output as untrusted or to use delimiters to separate search results from system instructions.
      • Capability inventory: The skill allows for shell command execution (via Python) and frontend code generation/modification.
      • Sanitization: No sanitization or validation of the retrieved search content is specified before it is integrated into the agent's generation process.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 26, 2026, 08:58 PM