frontend-design
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): The skill uses instructional language to guide the AI's creative output without attempting to override safety filters or extract system prompts. Phrases like 'CRITICAL' are used benignly to emphasize design intentionality.
- [Data Exposure & Exfiltration] (SAFE): No patterns for accessing sensitive files, environment variables, or hardcoded credentials were found. There are no network operations or external data transmission logic.
- [Remote Code Execution] (SAFE): The skill does not perform any remote script downloads or package installations. It contains only markdown instructions.
- [Unverifiable Dependencies] (SAFE): No external dependencies are referenced or required. The source 'anthropics/skills' is a recognized trusted repository.
- [Persistence & Privilege Escalation] (SAFE): There are no commands that interact with the underlying operating system, shell profiles, or administrative permissions.
- [Indirect Prompt Injection] (SAFE): While the skill processes user requirements to generate UI code, it lacks capabilities (such as file-system writes or network requests) that could be exploited via malicious input data.
Audit Metadata