frontend-design
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [Prompt Injection] (LOW): The skill uses instructional markers like 'CRITICAL' and 'IMPORTANT'. These are used for emphasis within the design context rather than attempting to bypass safety filters or override system constraints.
- [Indirect Prompt Injection] (LOW): The skill processes untrusted user data ('frontend requirements') to generate code.
  - Ingestion points: User requirements provided at runtime (SKILL.md).
  - Boundary markers: Absent; user requirements are interpolated directly into the design logic.
  - Capability inventory: The skill instructs the agent to output functional HTML, CSS, and JavaScript. While the skill itself does not invoke subprocesses, the resulting code is intended for execution in a browser context.
  - Sanitization: Absent; the skill does not explicitly instruct the agent to sanitize or escape user-provided text before including it in the generated UI.
- [Data Exposure & Exfiltration] (SAFE): No access to sensitive file paths, environment variables, or hardcoded credentials detected. No network operations (curl, fetch) are present.
- [Unverifiable Dependencies] (SAFE): The skill references 'anime.js' via a local documentation file (./references/animejs.md) rather than a remote download script or unversioned package installation.
- [Obfuscation] (SAFE): No evidence of Base64 encoding, zero-width characters, or homoglyphs used to hide malicious intent.