design-system-starter
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): No instructions designed to override agent behavior or bypass safety filters were detected in the documentation or templates.
- Data Exposure & Exfiltration (SAFE): No hardcoded secrets, sensitive file paths (such as .env or .ssh), or network exfiltration patterns (curl/wget) were found.
- Unverifiable Dependencies & Remote Code Execution (SAFE): The skill does not download or execute remote scripts. It mentions standard tools like React and Tailwind CSS only for conceptual context.
- Persistence & Privilege Escalation (SAFE): No commands for modifying system configurations, startup scripts, or acquiring elevated permissions (sudo) are present.
- Dynamic Execution (SAFE): The provided templates are static TypeScript/React code and do not involve runtime code evaluation mechanisms like eval() or exec().
Audit Metadata