frontend-design
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): The skill uses markers like 'CRITICAL' and 'IMPORTANT' to emphasize design principles. These are instructional and do not attempt to bypass AI safety filters or override system instructions.
- Data Exposure & Exfiltration (SAFE): No sensitive file paths, credentials, or network operations were detected. The skill is entirely focused on UI/UX design instructions.
- Obfuscation (SAFE): The content is clear markdown text with no encoded strings (Base64), hidden characters, or homoglyphs.
- Unverifiable Dependencies & RCE (SAFE): There are no package installations or remote script executions. The mention of the 'Motion library' is a design suggestion for React developers and not an automated installation.
- Indirect Prompt Injection (SAFE):
- Ingestion points: User-provided frontend requirements enter the prompt.
- Boundary markers: None present.
- Capability inventory: No file system access, network operations, or subprocess execution capabilities.
- Sanitization: Not applicable as the skill only outputs code text for the user.
- Persistence and Privilege Escalation (SAFE): No commands related to system persistence or privilege modification were found.
Audit Metadata