fynt-landing-design
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill's 'upgrade' mode involves processing existing landing page code or TSX files provided by the user to transform them according to the Fynt quality bar (SKILL.md, improvement-playbook.md). This creates a vulnerability surface where the agent could potentially follow instructions maliciously embedded in the code comments or metadata of the input data.
- Ingestion points: User-provided frontend code or TSX files in 'upgrade' mode.
- Boundary markers: Absent; the skill does not instruct the agent to use delimiters or ignore instructions within the input data.
- Capability inventory: The skill allows for code generation and UI refactoring using standard frameworks; it does not request network access or sensitive file system operations.
- Sanitization: No validation or sanitization of the input code is performed before processing.
Audit Metadata