frontend-design
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill extracts design guidelines from user-provided screenshots, creating an ingestion point for untrusted data. Evidence: 1. Ingestion: screenshots/images (SKILL.md). 2. Boundary markers: Absent. 3. Capability inventory: File writing to 'docs/design-guidelines/' and UI code generation. 4. Sanitization: Absent.
- Dynamic Execution (LOW): The skill is designed to generate production-grade frontend code (HTML/CSS/JS/React/Vue) at runtime. While this is the primary purpose, generating code based on untrusted design extractions presents a minor attack surface.
Audit Metadata