frontend-design
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [Prompt Injection] (SAFE): The skill uses instructional keywords like 'CRITICAL' and 'IMPORTANT' to emphasize design principles, but these are used within a benign context and do not attempt to bypass safety filters or override core agent instructions.
- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials, sensitive file paths, or network operations were identified.
- [Unverifiable Dependencies] (SAFE): The skill mentions external libraries such as 'Motion' for React as suggestions for the agent, but it does not execute installation commands or download scripts from untrusted sources.
- [Obfuscation] (SAFE): No hidden characters, encoded strings, or homoglyphs were detected.
- [Indirect Prompt Injection] (SAFE): While the skill defines how to process user-provided frontend requirements, it does not include scripts with exploitable capabilities such as file writing or network requests that would constitute a vulnerability surface.
Audit Metadata