frontend-design
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (HIGH): The skill is designed to take unstructured user input and transform it into functional code, which is a high-capability risk.
- Ingestion points: User-provided frontend requirements, audience context, and technical constraints.
- Boundary markers: None. The skill does not utilize delimiters (like XML tags or triple quotes) to separate user data from instructions.
- Capability inventory: The skill has the capability to generate and suggest the execution of complex frontend code and interact with other skills like shadcn-management.
- Sanitization: None. There are no instructions to validate or filter user-provided content to prevent the injection of malicious scripts (e.g., XSS or data-stealing JS) into the generated output.
Recommendations
- AI detected serious security threats
Audit Metadata