fix-ui
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes local Python scripts within the user's home directory (.claude/skills/ui-ux-pro-max/) for environment-specific UI research. This is an intended diagnostic function and does not involve executing code from untrusted remote sources.
- [DATA_EXFILTRATION]: Includes the ability to push changes to a remote Git repository. This capability is managed through a subagent and explicitly requires user confirmation before execution, preventing unauthorized data transfer.
- [PROMPT_INJECTION]: The skill processes user-supplied issue descriptions and external documents, creating an indirect injection surface. Evidence Chain: Ingestion points: issue arguments and local documentation files; Boundary markers: User input is delimited using XML-style tags; Capability inventory: Subprocess calls, file writing, and git operations; Sanitization: While no explicit sanitization is mentioned, the skill's required protocols force the agent to verify all inputs against the actual source code, significantly reducing the impact of any embedded malicious instructions.
Audit Metadata