Skills
skills/duck4nh/antigravity-kit/css-styling-expert/Gen Agent Trust Hub

css-styling-expert

Pass

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the Bash tool to execute discovery and validation commands. It performs environment detection using grep, ls, and cat, and executes project-specific build scripts via npm run build to verify CSS changes.
  • [EXTERNAL_DOWNLOADS]: The skill uses npx to run utility tools such as stylelint and lighthouse. These commands may download packages from the official npm registry if they are not already present in the local environment.
  • [INDIRECT_PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection as it processes untrusted data from the user's repository to provide styling recommendations.
  • Ingestion points: Files are read through the Read, Grep, and Glob tools, as well as shell commands like cat and grep.
  • Boundary markers: The instructions do not specify any delimiters or ignore-instructions warnings for the processed file content.
  • Capability inventory: The skill has access to shell execution via Bash and file modification via Edit and MultiEdit.
  • Sanitization: There is no explicit sanitization or validation of the file content before it is processed by the agent's logic.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 27, 2026, 06:12 PM