team-ui
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill manages a pipeline where untrusted user input and intermediate specs are passed to sub-agents, creating a surface for indirect prompt injection.
  - Ingestion points: The skill ingests user input via the '[UI feature description]' hint and passes Phase 1 and 2 specifications as context to sub-agents in SKILL.md.
  - Boundary markers: The instructions mandate the use of the 'AskUserQuestion' tool for user approval at every phase transition, creating a strong human-in-the-loop boundary.
  - Capability inventory: The sub-agents are granted 'Bash', 'Write', 'Edit', and 'Task' tools to perform implementation and review tasks as defined in SKILL.md.
  - Sanitization: The skill relies on mandatory manual review of all agent proposals before moving to subsequent phases, which prevents the automated execution of potentially malicious instructions embedded in the design specs.
Audit Metadata