hello-ui

Pass

Audited by Gen Agent Trust Hub on Apr 21, 2026

Risk Level: SAFE [PROMPT_INJECTION] [COMMAND_EXECUTION]
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection by design, as it must ingest and obey instructions from external project documents.
      • Ingestion points: Reads UI decisions and requirements from plan.md, PRD, DESIGN.md, and contract.json (SKILL.md).
      • Boundary markers: Absent. The skill does not specify any delimiters or safety instructions to prevent the agent from following malicious commands embedded in these input files.
      • Capability inventory: The skill has the ability to execute a local script (scripts/visual-state.mjs) and write to files in the .helloagents/ directory (SKILL.md).
      • Sanitization: Absent. There is no evidence of validation or filtering of the content retrieved from external sources before processing.
  • [COMMAND_EXECUTION]: The skill performs shell command execution to handle visual verification state management.
      • Evidence: Instructs the agent to call scripts/visual-state.mjs write to record check results in .helloagents/.ralph-visual.json (SKILL.md).
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 21, 2026, 07:50 PM