ui-design-tips
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [Data Exposure & Exfiltration] (SAFE): The skill does not access sensitive local files or perform any network requests. It operates entirely on a local dataset.
- [Remote Code Execution] (SAFE): No scripts, external dependencies, or dynamic code execution patterns were detected. The skill consists only of markdown instructions and a metadata JSON file.
- [Indirect Prompt Injection] (LOW): The skill is designed to process user UI descriptions and match them against a local JSON file (
references/ui-design-tips.json). While the skill processes untrusted user input, it lacks the dangerous capabilities (such as file writing, shell execution, or network access) required to turn an injection into a high-impact attack. - [Obfuscation] (SAFE): No encoded strings, homoglyphs, or hidden characters were found in the provided files.
Audit Metadata