frontend-design
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- PROMPT_INJECTION (SAFE): The skill uses instructional markers like 'CRITICAL' and 'IMPORTANT' solely to emphasize design principles and stylistic choices. There are no attempts to bypass safety filters, extract system prompts, or override agent constraints.
- DATA_EXFILTRATION (SAFE): The skill does not contain any code for file system access, network requests, or credential handling. No sensitive paths or hardcoded secrets were found.
- REMOTE_CODE_EXECUTION (SAFE): No remote script downloads (curl|bash) or unauthorized package installations are present. The mention of the 'Motion' library is a recommendation for the AI to include in generated React code, not a runtime execution pattern within the skill itself.
- OBFUSCATION (SAFE): All text is provided in plain markdown. No Base64, zero-width characters, or hidden Unicode tags were detected.
- INDIRECT_PROMPT_INJECTION (SAFE): The skill is a prompt-based guidance system. While it ingests user requirements to generate code, it does not provide unique surfaces for injection beyond the inherent nature of LLM code generation. No unsafe interpolation or lack of sanitization logic was found in the instructions.
Audit Metadata