android-design-guidelines
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): No instructions attempting to override agent behavior or bypass safety filters were found. The language is strictly focused on UI design guidelines.
- Data Exposure & Exfiltration (SAFE): No access to sensitive file paths, hardcoded credentials, or network operations to non-whitelisted domains. References in metadata point to official Google and Android documentation.
- Obfuscation (SAFE): No Base64, zero-width characters, or hidden Unicode tags were detected in any of the files.
- Unverifiable Dependencies & Remote Code Execution (SAFE): No package installations or remote script executions (e.g., curl | bash) are present. The skill does not contain any code.
- Privilege Escalation & Persistence (SAFE): No commands involving sudo, chmod, or system persistence mechanisms (like crontabs or shell profiles) were found.
- Indirect Prompt Injection (SAFE): While the skill is intended to guide the agent in reviewing UI code, it does not currently contain active ingestion logic or unsafe interpolation patterns that would expose the agent to untrusted data within these specific files.
Audit Metadata