frontend-design-ultimate

Pass

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill requires and executes several command-line tools including node, npm, npx, and vercel to manage project initialization, dependencies, and deployment. It also instructs the agent to run local bash scripts (scripts/init-vite.sh, scripts/init-nextjs.sh, scripts/bundle-artifact.sh) located within the skill's directory.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it ingests untrusted user text to drive code generation and configuration.
    • Ingestion points: User-provided design requirements and text descriptions (SKILL.md).
    • Boundary markers: The skill files contain no explicit delimiters around user-provided data and no instruction to ignore instructions embedded in it.
    • Capability inventory: The skill performs file system writes (site generation), shell command execution (npm/bash), and network operations via the Vercel deployment CLI.
    • Sanitization: There is no documented evidence of input validation or sanitization of the user requirements before they are incorporated into the generated project code.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 18, 2026, 11:20 PM