ui-ux-pro-max
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The script acts as a data retrieval bridge for an LLM, creating a surface where malicious content within search results could potentially influence agent behavior.
  - Ingestion points: Data retrieved from the `search` and `search_stack` functions and processed in `format_output` within `scripts/search.py`.
  - Boundary markers: Absent; while the script uses Markdown headers (e.g., `## UI Pro Max Search Results`), it does not include explicit instructions or delimiters to tell the LLM to ignore instructions found within the search data.
  - Capability inventory: The script has the ability to write to the filesystem via the `--persist` and `--page` flags, which utilize the `persist_design_system` function.
  - Sanitization: The script performs minimal sanitization by truncating result values to 300 characters, which does not prevent instruction-based attacks.
Audit Metadata