tool-ui-ux-pro-max
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [SAFE] (SAFE): No malicious behavior, obfuscation, or unauthorized data access patterns were detected in the source code or metadata.
- [INDIRECT_PROMPT_INJECTION] (INFO): The skill processes untrusted content from local CSV files. 1. Ingestion points: scripts/core.py reads from multiple CSV files in the data/ directory via the _load_csv function. 2. Boundary markers: No explicit delimiters or instructions to ignore embedded commands are used in the formatted output. 3. Capability inventory: The skill only prints results to stdout and possesses no subprocess, file-write, or network operations. 4. Sanitization: Content is processed as raw text without validation or filtering. The severity is INFO because the skill has a display-only role with no side-effect capabilities.
Audit Metadata