ux-design-guide
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFE, PROMPT_INJECTION, NO_CODE
Full Analysis
- [NO_CODE]: The skill is composed entirely of Markdown documentation and instructions. It does not include any Python scripts, JavaScript files, shell scripts, or binary executables.
- [PROMPT_INJECTION]: The skill is designed to ingest and analyze untrusted UI code or components provided by the user. While this represents a surface for indirect prompt injection, the impact is negligible as the skill lacks any interactive system capabilities such as network access or file system permissions.
  - Ingestion points: The 'Target' input field defined in the SKILL.md contract.
  - Boundary markers: No explicit delimiters or instructions to disregard embedded commands are provided.
  - Capability inventory: None. The skill generates text-only reports and has no access to external APIs or local system resources.
  - Sanitization: No input validation or filtering of the provided UI code is performed.
- [SAFE]: No obfuscation, data exfiltration patterns, or persistence mechanisms were found. The skill operates as a static reference for UX best practices.