frontend-design
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted user requirements to generate functional frontend code without explicit input sanitization or boundary markers.\n
- Ingestion points: user-provided requirements for components, pages, or applications described in SKILL.md.\n
- Boundary markers: Absent; there are no specific delimiters defined to isolate user content from the agent's instructions.\n
- Capability inventory: Generates production-grade HTML, CSS, JS, React, and Vue code based on user input.\n
- Sanitization: Absent; the skill does not specify any validation or filtering of the input content.\n- [NO_CODE]: This skill consists entirely of natural language instructions and does not bundle any executable scripts, binaries, or configuration files, which reduces the direct attack surface.
Audit Metadata