frontend-design
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is exposed to indirect prompt injection risks due to its core workflow of processing external, untrusted data to generate executable code implementations.
- Ingestion points: In
SKILL.mdandREADME.md, the agent is instructed to analyze user-provided screenshots and existing codebases to provide design transformations. - Boundary markers: There are no explicit instructions or delimiters defined to prevent the agent from being influenced by instructions that might be embedded within the user's uploaded images or snippets.
- Capability inventory: The agent has the capability to generate and suggest executable code (HTML, CSS, JS, and JSX) across its core skill file and reference guides like
animation-patterns.md. - Sanitization: The instructions do not define any sanitization or validation protocols for the external content before it is used to influence the agent's output.
Audit Metadata