mailchimp-ui-skills
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- Prompt Injection (SAFE): The instructions use standard design system language (MUST/SHOULD/NEVER) to define UI constraints. No malicious override patterns, jailbreak attempts, or system prompt extraction techniques were detected.
- Data Exposure & Exfiltration (SAFE): No sensitive file paths, hardcoded credentials, or unauthorized network operations are present in the skill files.
- Remote Code Execution (SAFE): The skill contains no scripts, package dependencies, or commands to download and execute external code.
- Obfuscation (SAFE): All content is provided in clear-text Markdown and JSON. No encoded strings, zero-width characters, or homoglyphs were found.
- Indirect Prompt Injection (SAFE): As a design guideline skill (blueprint), it does not ingest untrusted runtime data or have exploitable capabilities like file-writing or subprocess execution.
Audit Metadata