ui-ux-pro-max

Fail

Audited by Gen Agent Trust Hub on Feb 26, 2026

Risk Level: HIGH
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill relies on executing a local Python script at skills/ui-ux-pro-max/scripts/search.py to perform reasoning and search operations.
  • [COMMAND_EXECUTION]: Instructions explicitly direct the agent/user to run sudo apt update && sudo apt install python3 on Linux systems, which involves elevated administrative privileges.
  • [PROMPT_INJECTION]: The skill implements a hierarchical retrieval pattern that directs the agent to read and prioritize rules from dynamically generated local files like design-system/MASTER.md and design-system/pages/*.md. This creates an indirect prompt injection surface where external inputs processed by the search script can influence future agent behavior.
  • Ingestion points: User-provided keywords and product descriptions passed as CLI arguments to the search script.
  • Boundary markers: Absent; the agent is simply told to "read design-system/MASTER.md" and "prioritize its rules."
  • Capability inventory: Subprocess execution of Python scripts and filesystem write/read operations.
  • Sanitization: Not specified for the content written to the design system files.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 26, 2026, 10:57 PM