mui
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): No instructions found that attempt to override agent behavior, bypass safety filters, or extract system prompts. The content is strictly instructional regarding UI library usage.
- Data Exposure & Exfiltration (SAFE): No hardcoded credentials, API keys, or access to sensitive file paths (~/.ssh, .env) were identified. There are no network operations targeting external domains.
- Obfuscation (SAFE): The content is clear and readable. No Base64, zero-width characters, homoglyphs, or encoded commands were found.
- Unverifiable Dependencies & Remote Code Execution (SAFE): The skill references standard, well-known libraries (@mui/material). There are no commands to download or execute remote scripts (e.g., curl | bash).
- Privilege Escalation (SAFE): No commands were found that attempt to gain elevated permissions (sudo, chmod) or modify system configurations.
- Persistence Mechanisms (SAFE): No attempts to establish persistence via shell profiles, cron jobs, or registry keys were detected.
- Metadata Poisoning (SAFE): Metadata fields correctly describe the skill's purpose and do not contain deceptive instructions.
- Indirect Prompt Injection (SAFE): The skill does not ingest untrusted external data or provide an attack surface for indirect injection. It acts as a static pattern library.
- Time-Delayed / Conditional Attacks (SAFE): No logic was found that gates operations based on time, date, or environment-specific triggers.
- Dynamic Execution (SAFE): The skill does not use eval(), exec(), or any runtime code generation/compilation techniques.