ui-ux-pro-max

Fail

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: HIGH (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to acquire administrative privileges via sudo apt update && sudo apt install python3 to install software, which constitutes a high-risk operation.
  • [COMMAND_EXECUTION]: The skill provides instructions to run a local script skills/ui-ux-pro-max/scripts/search.py using parameters directly obtained from user input, creating a potential command injection vector.
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface (Category 8).
      • Ingestion points: User-provided strings for product types, industries, and keywords used in the search.py CLI command.
      • Boundary markers: None identified in the provided instructions.
      • Capability inventory: The skill has the capability to execute shell commands via Python and write design configuration files to the local file system.
      • Sanitization: There is no evidence of validation or sanitization of external content before it is interpolated into the search command.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Mar 1, 2026, 08:06 PM