responsive-mobile-first
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): No instructions found that attempt to override agent behavior, bypass safety filters, or extract system prompts.
- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials, sensitive file paths, or unauthorized network operations were detected. The components use standard React state for UI visibility.
- [Obfuscation] (SAFE): No Base64, zero-width characters, homoglyphs, or encoded commands were identified in the code or documentation.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): No remote script execution or unverifiable package installations are present. The skill references standard front-end libraries like
framer-motionandlucide-react. - [Privilege Escalation] (SAFE): No commands involving
sudo, system modification, or permission changes were found. - [Persistence Mechanisms] (SAFE): No attempts to create cron jobs, modify shell profiles, or establish startup persistence were detected.
- [Metadata Poisoning] (SAFE): Metadata fields (name, description) are descriptive and free of hidden instructions or deceptive content.
- [Indirect Prompt Injection] (SAFE): The skill does not ingest untrusted external data or provide a surface for third-party instruction injection.
- [Dynamic Execution] (SAFE): No use of
eval(),exec(), or runtime compilation of code was found. The logic is restricted to standard React component lifecycle and state management.
Audit Metadata