aesthetic
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUMPROMPT_INJECTION
Full Analysis
- PROMPT_INJECTION (MEDIUM): Risk of Indirect Prompt Injection through the ingestion of external web content.
- Ingestion Points: Workflow 1 uses the
chrome-devtoolsskill to capture screenshots of untrusted external sites (Dribbble, Behance, Mobbin, etc.). - Boundary Markers: The instructions do not specify any delimiters or 'ignore embedded instructions' warnings for the analyzed content.
- Capability Inventory: The skill integrates with
ui-stylingandweb-frameworks, which involve writing code (Tailwind CSS, Next.js), andchrome-devtools, which can interact with browser sessions. - Sanitization: No sanitization or validation of the extracted design principles is mentioned before they are documented and potentially used to generate project files.
- Risk: An attacker could place malicious instructions in images or metadata on 'inspiration' sites that the agent might interpret as legitimate design requirements or commands during the analysis phase.
Audit Metadata