frontend-design
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): The use of 'CRITICAL' and 'IMPORTANT' markers in the text is for instructional emphasis regarding design choices, not for bypassing AI safety protocols or overriding core instructions.
- Data Exposure & Exfiltration (SAFE): The skill does not contain any code for file system access, credential handling, or network requests.
- Remote Code Execution (SAFE): No external script downloads, package installations, or command-line executions are present.
- Indirect Prompt Injection (LOW):
  - Ingestion points: Processes user-provided frontend requirements (SKILL.md).
  - Boundary markers: None explicitly defined in the skill logic.
  - Capability inventory: Generates frontend code (HTML, CSS, JS, React, Vue) based on requirements.
  - Sanitization: Relies on the host LLM's default output safety filters.
- Persistence & Privilege Escalation (SAFE): No operations involving system configuration or elevated permissions were detected.