ux-journey
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION] (LOW): Indirect Prompt Injection Surface. The skill ingests untrusted data describing user interfaces and project details which are used to populate analysis templates.
- Ingestion points: Variables such as {name} and {specific page/component} in SKILL.md receive external data.
- Boundary markers: Absent. There are no explicit delimiters used to isolate user-provided content from the agent's instructions.
- Capability inventory: The skill coordinates sub-agents (@geepers_design, etc.) and generates text reports; no file-system or network capabilities detected.
- Sanitization: Absent. No logic is provided to filter potential instructions within the analyzed UX data.
- [NO_CODE] (SAFE): This skill contains no executable scripts, binaries, or package dependencies, reducing its overall risk profile to instructional content only.
Audit Metadata