frontend-design
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- COMMAND_EXECUTION (SAFE): The skill provides a script, scripts/accessibility_checker.py, used for auditing project files for WCAG compliance. The script performs static analysis via regular expressions and does not execute the analyzed code or perform dangerous system operations.
- DATA_EXFILTRATION (SAFE): No network operations, external data requests, or hardcoded credentials were found. The skill operates locally on project files.
- PROMPT_INJECTION (SAFE): The instructional content focuses on design principles and decision-making. No attempts to bypass safety filters or override system instructions were identified.
- INDIRECT_PROMPT_INJECTION (SAFE): The audit script reads external HTML/JSX files into memory. Evidence chain: (1) Ingestion points: scripts/accessibility_checker.py reads local files; (2) Boundary markers: Absent; (3) Capability inventory: Static analysis only, no network or write access; (4) Sanitization: Not required as content is processed via regex and not interpolated into prompts.
Audit Metadata