frontend-design
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): The instructions use markers like 'CRITICAL' and 'IMPORTANT' to emphasize design principles. These are standard instructional prompts and do not attempt to bypass AI safety guards or extract system prompts.
- Data Exposure & Exfiltration (SAFE): No patterns for credential access, sensitive file paths, or unauthorized network communication were found.
- External Downloads & RCE (SAFE): The skill does not contain commands to download external scripts or execute remote code. It mentions 'Motion library for React' as a suggestion for generated code, but does not perform any installations.
- Indirect Prompt Injection (SAFE): While the skill processes user-provided 'frontend requirements' (untrusted data), it lacks dangerous capabilities like shell execution or file-writing that would create an exploitable surface.
- Author Trust (SAFE): The skill is attributed to Anthropic, which is a recognized and trusted organization in the provided security guidelines.
Audit Metadata