frontend-design
Fail
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: HIGH
PROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (HIGH): The skill is vulnerable to instructions embedded within user requirements that could lead to the generation of malicious code.
  * Ingestion points: User-provided frontend requirements (SKILL.md).
  * Boundary markers: Absent. The instructions do not specify delimiters for user input or warnings to ignore embedded commands.
  * Capability inventory: Instructs the agent to implement real working code including HTML, CSS, JS, and React (SKILL.md).
  * Sanitization: Absent. No instructions are provided to sanitize or validate the user-provided requirements before code generation.
Recommendations
- AI detected serious security threats
Audit Metadata