co-star-ui
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No prompt injection, bypass attempts, or instructions to ignore safety filters were found. The skill uses structured prompting (Context, Objective, Style, Tone, Audience, Response) to ensure coherent agent behavior.
- [SAFE]: No data exfiltration or sensitive file access patterns were detected. The skill focuses on UI architecture and code generation within the user's provided context.
- [SAFE]: No obfuscation techniques, such as Base64 encoding of commands or zero-width characters, are present in the skill files.
- [SAFE]: The skill references established and reputable UI libraries and component registries (e.g., shadcn/ui, MUI, Radix UI, Anime.js). These are suggested for the user to integrate into their own projects rather than being executed automatically by the agent.
- [PROMPT_INJECTION]: The skill is designed to process user input from 'discovery questions' to generate plans and code. While this is an ingestion point for external data (Category 8 surface), the structured CO-STAR framework and 'negative constraints' sections (e.g., 'no mixing incompatible design languages') provide boundaries that reduce the risk of accidental obedience to embedded instructions.
Audit Metadata