ui-design
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [Prompt Injection] (SAFE): No instructions attempting to override system prompts or bypass safety filters were detected.
- [Data Exposure & Exfiltration] (SAFE): No sensitive file paths, hardcoded credentials, or network transmission commands are present.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): The skill does not install packages or download/execute remote scripts.
- [Indirect Prompt Injection] (INFO): The skill is designed to process untrusted external data (frontend code for review). However, it lacks the capabilities (network access, file writing, or command execution) to turn a potential injection into a malicious side effect. The risk is limited to influencing the agent's reasoning within the current session.
- [Obfuscation] (SAFE): No Base64, zero-width characters, or hidden encoding patterns were found.
- [Privilege Escalation & Persistence] (SAFE): No commands related to acquiring root access or maintaining persistence across sessions were identified.
Audit Metadata