NYC

ui-designer

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Finding categories: COMMAND_EXECUTION, PROMPT_INJECTION

Full Analysis
  • COMMAND_EXECUTION (SAFE): The skill uses find and grep to locate package.json files and verify the React environment. It also provides commands to initialize a React environment and install standard UI libraries like Tailwind CSS and Lucide React. All commands are relevant to the skill's functionality and execute locally.
  • PROMPT_INJECTION (LOW): This finding refers to Category 8 (Indirect Prompt Injection).
      • Ingestion points: reference images and project idea files.
      • Boundary markers: uses template placeholders like {项目背景} to delimit data.
      • Capability inventory: file reading, code generation for React, and shell command execution.
      • Sanitization: lacks explicit sanitization of text or styles extracted from images before they are incorporated into implementation prompts.
  • DATA_EXPOSURE (SAFE): The skill reads and writes to local project directories (documents/, assets/). It does not target sensitive system files or credentials.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 17, 2026, 05:02 PM