frontend-design
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [Prompt Injection] (SAFE): The skill uses instructional markers like 'CRITICAL' and 'IMPORTANT' to emphasize design quality; these do not target system prompt overrides or safety bypasses.
- [Data Exposure & Exfiltration] (SAFE): No access to sensitive files, hardcoded credentials, or network exfiltration patterns were detected.
- [Remote Code Execution] (SAFE): The skill contains no shell commands, remote script downloads, or package installation steps.
- [Indirect Prompt Injection] (INFO): The skill processes untrusted user-provided requirements to generate code. Evidence: (1) Ingestion point: User design requirements described in SKILL.md; (2) Boundary markers: Absent; (3) Capability inventory: None (no executable code or tools are present in this skill); (4) Sanitization: Absent. Because the skill lacks any side-effect capabilities, the injection surface cannot be leveraged for malicious actions.
Audit Metadata