modern-uiux-review
Pass
Audited by Gen Agent Trust Hub on Mar 27, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is designed for UI/UX analysis. It processes user-provided application information and screenshots to generate structured feedback on design quality and implementation feasibility.
- [INDIRECT_PROMPT_INJECTION]: The skill ingests untrusted external data via the
materialsinput (screenshots and UI descriptions). While this constitutes an attack surface for indirect prompt injection, the skill lacks high-privilege capabilities such as file system write access, network operations, or shell execution, which minimizes the risk of a successful exploit. - Ingestion points: The
materialsinput field inSKILL.mdandskill.yamlis used to provide screenshots or descriptions of the UI being analyzed. - Boundary markers: The prompts do not explicitly define boundary markers or instructions to ignore embedded commands within the processed materials.
- Capability inventory: No dangerous capabilities (network access, shell execution, or file system modifications) were found in any of the skill's scripts or prompts.
- Sanitization: There is no explicit sanitization or filtering logic mentioned for the provided UI materials.
Audit Metadata