frontend-design
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- PROMPT_INJECTION (SAFE): Use of instructional markers like 'CRITICAL' and 'IMPORTANT' is limited to directing the agent's aesthetic focus. No patterns aimed at bypassing safety filters or overriding core instructions were detected.
- NO_CODE (INFO): The skill is entirely declarative and instructional. It contains no scripts (.py, .js, .sh), no configuration files, and no executable code blocks.
- DATA_EXFILTRATION (SAFE): No sensitive file paths, hardcoded secrets, or network transmission patterns are present.
- EXTERNAL_DOWNLOADS (SAFE): No remote code downloads or automated package installations are defined. References to libraries (e.g., Motion) are stylistic suggestions rather than executable dependencies.
- INDIRECT_PROMPT_INJECTION (LOW): The skill defines a surface for processing user-provided frontend requirements. However, because the skill lacks any capabilities for command execution, file writing, or network access, the potential impact of malicious user input is confined to the generated UI code itself.
Audit Metadata