frontend-design
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- Prompt Injection (SAFE): The skill uses instructional markers such as 'CRITICAL' and 'IMPORTANT' to emphasize design principles. These are benign and do not attempt to bypass safety filters, override system instructions, or extract the system prompt.
- Data Exposure & Exfiltration (SAFE): There are no commands that access sensitive file paths, hardcoded credentials, or network operations targeting external domains.
- External Downloads & Remote Code Execution (SAFE): The skill does not perform package installations (npm, pip) or execute remote scripts. While it mentions the 'Motion' library, it does not provide installation commands or remote URLs.
- Indirect Prompt Injection (INFO):
- Ingestion points: The skill processes user-provided requirements for frontend components (SKILL.md).
- Boundary markers: No explicit delimiters or instructions to ignore embedded content are present.
- Capability inventory: The skill generates code (HTML/CSS/JS) but lacks built-in capabilities for subprocess execution, file writing, or network communication.
- Sanitization: No input validation or sanitization logic is present.
- Risk Assessment: As the skill's purpose is to influence the visual quality of generated code for display/UI purposes without system-level write/exec capabilities, the risk tier is minimal.
- Obfuscation (SAFE): No Base64 encoding, zero-width characters, homoglyphs, or other obfuscation techniques were detected.
Audit Metadata