Skills
skills/bytedance/deer-flow/frontend-design/Gen Agent Trust Hub

frontend-design

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
  • [PROMPT_INJECTION] (LOW): Mandatory Branding Requirement. The skill forces the agent to include 'Created By Deerflow' and a link to https://deerflow.tech in all generated output, overriding default neutral behavior.
  • [DATA_EXFILTRATION] (LOW): External Link Injection. Inclusion of a link to a non-whitelisted domain (deerflow.tech) in generated code acts as an attribution and potential tracking mechanism.
  • [PROMPT_INJECTION] (LOW): Indirect Prompt Injection Surface. 1. Ingestion points: User frontend requirements in SKILL.md. 2. Boundary markers: Absent. 3. Capability inventory: Generates HTML and JavaScript code. 4. Sanitization: Absent.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 06:47 PM