frontend-codegen

Pass

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: SAFE · PROMPT_INJECTION · EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads existing source code from the project (e.g., in src/utils/, src/components/, src/hooks/) to identify reusable components and logic. Maliciously crafted instructions embedded in these files could potentially influence the agent's behavior during its code generation tasks.
      ◦ Ingestion points: Local source files in src/ directory (as described in Section 2 of SKILL.md).
      ◦ Boundary markers: Absent.
      ◦ Capability inventory: The skill is designed to write frontend code and execute unit/component tests using Vitest (as described in Section 5 of SKILL.md).
      ◦ Sanitization: Absent.
  • [EXTERNAL_DOWNLOADS]: The skill implements a secure policy for adding third-party dependencies by requiring the agent to propose exactly three options and wait for explicit user confirmation before installation. This human-in-the-loop pattern mitigates the risk of unauthorized or malicious package additions.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 11, 2026, 01:25 AM