ui-ux-pro-max
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- Privilege Escalation (MEDIUM): The instructions for setting up prerequisites on Ubuntu/Debian suggest using sudo apt install, which grants root-level access. While required for package management, it is a high-privilege operation that should be monitored.
- Indirect Prompt Injection (LOW): The skill identifies a surface for command injection by taking untrusted user input and placing it directly into a shell execution string: python3 .shared/ui-ux-pro-max/scripts/search.py "". 1. Ingestion points: User requests for styles or products are mapped to in SKILL.md. 2. Boundary markers: No delimiters or sanitization warnings are present. 3. Capability inventory: Subprocess calls via python3 script execution in SKILL.md. 4. Sanitization: No evidence of input validation or escaping before interpolation into the command line.
Audit Metadata