ui-wireframe-generator
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- EXTERNAL_DOWNLOADS (LOW): The skill instructs users to install or run the 'katsuragi' package from npm (enlinks-llc/katsuragi), which is not a trusted repository or organization.
- COMMAND_EXECUTION (LOW): The skill executes command-line operations using 'npx' and the 'ktr' binary to process files and fetch data.
- DATA_EXFILTRATION (LOW): The 'ktr fetch' command makes network requests to arbitrary external URLs to retrieve HTML content.
- PROMPT_INJECTION (LOW): The skill is vulnerable to indirect prompt injection by ingesting untrusted web content via the fetch command. Ingestion points: 'npx ktr fetch ' (SKILL.md). Boundary markers: None identified in documentation. Capability inventory: Network requests (fetch), file system writes (output KUI/PNG/SVG). Sanitization: Tool truncates text content to 20-30 characters per element as a display limitation, which may incidentally limit payload size.
Audit Metadata