tui-designer
Pass
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: LOW
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill includes a Python script (
scripts/generate_palette.py) for processing color data. Analysis of the source code confirms it uses only the Python standard library (argparse,colorsys,json,sys) and performs standard mathematical operations for color conversion. While it includes file-writing capabilities via the--outputflag, this is localized to the user-specified path and is standard behavior for a CLI tool. - [DATA_EXFILTRATION] (SAFE): No network requests (
curl,wget,fetch) or hardcoded credentials were found. The skill operates entirely locally on provided input. - [PROMPT_INJECTION] (SAFE): The markdown files contain design references and code snippets but no instructions intended to override or manipulate an AI agent's behavior or safety guidelines.
- [OBFUSCATION] (SAFE): No encoded content, zero-width characters, or homoglyph attacks were identified in any of the files.
- [INDIRECT_PROMPT_INJECTION] (SAFE): The skill's data ingestion surface is limited to command-line arguments for color generation. It does not ingest untrusted external data (APIs, web pages) that could lead to downstream injection.
Audit Metadata