aesthetic
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [Indirect Prompt Injection] (HIGH): The skill is highly vulnerable to indirect prompt injection (Category 8) due to its core workflow. Ingestion points: External inspiration websites such as Dribbble, Behance, and Awwwards (Workflow 1, Step 1). Boundary markers: Absent; the agent lacks instructions to ignore malicious directives embedded within analyzed designs. Capability inventory: Use of 'chrome-devtools' for browsing, 'ImageMagick' for image processing, and the ability to write files to the './docs/' directory. Sanitization: Absent; there is no validation or filtering of content extracted from external sites.
- [Command Execution] (MEDIUM): The skill utilizes 'ImageMagick' and 'chrome-devtools' to process untrusted web data. This introduces a risk of exploiting tool-specific vulnerabilities (e.g., ImageTragick) or inducing unintended behavior if the tools are invoked with parameters derived from untrusted external content.
Recommendations
- AI detected serious security threats
Audit Metadata