frontend-design
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): No attempts to bypass safety filters or override system instructions were found. The use of 'CRITICAL' in the instructions is contextually appropriate for directing the AI's design focus.
- [Data Exposure & Exfiltration] (SAFE): No sensitive file paths, hardcoded credentials, or network transmission patterns (like curl or fetch) are present in the skill files.
- [Obfuscation] (SAFE): All content is provided in clear-text Markdown and CSS/HTML. No Base64 encoding, zero-width characters, or hidden Unicode tag characters were detected.
- [Remote Code Execution & Dependencies] (SAFE): The skill does not include any package manifests (package.json, requirements.txt) or commands to download or execute remote scripts. The code snippets provided are static templates for the AI to use in its responses.
- [Privilege Escalation & Persistence] (SAFE): There are no commands related to system administration (sudo), file permission changes (chmod), or persistence mechanisms (cron, shell profiles).
- [Metadata Poisoning] (SAFE): The metadata identifies the author as 'anthropic' and points to a repository under the 'anthropics' organization, which is a trusted source. No deceptive instructions are hidden in the metadata fields.
- [Indirect Prompt Injection] (LOW): While the skill processes user requirements for frontend design, it lacks capabilities (such as file writing or command execution) that would make it a significant target for injection-based escalation. It primarily functions as a creative guide.
- [Dynamic Execution] (SAFE): The skill does not generate or execute scripts at runtime. It provides CSS/HTML examples for the LLM to interpolate during its own text generation process.
Audit Metadata