design-system-starter
Pass
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: LOW
Full Analysis
- PROMPT_INJECTION (SAFE): No instructions found that attempt to override agent behavior or bypass safety filters. Instructions are limited to design system guidance.
- DATA_EXFILTRATION (SAFE): No network requests, credential access, or sensitive file path references detected. The skill focuses on generating local UI code.
- OBFUSCATION (SAFE): Content is clear, human-readable text and standard TypeScript code. No Base64, zero-width characters, or homoglyphs detected.
- EXTERNAL_DOWNLOADS (SAFE): No remote script execution or unverifiable package installations. References to tools like Tailwind CSS and React are informational.
- COMMAND_EXECUTION (SAFE): No use of shell commands, subprocesses, or dynamic execution functions (e.g., eval, exec).
- INDIRECT_PROMPT_INJECTION (LOW): While the skill processes user requirements to generate UI code, it does not ingest external untrusted data sources (like URLs or emails), significantly limiting the attack surface.
Audit Metadata