ui-prototype

Pass

Audited by Gen Agent Trust Hub on Mar 22, 2026

Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits a potential surface for indirect prompt injection by ingesting untrusted data from markdown files to generate executable HTML prototypes.
    • Ingestion points: Reads content from docs/{功能名称}/1_需求文档.md and specs/1_产品概述.md (as specified in SKILL.md).
    • Boundary markers: Absent; there are no explicit instructions or delimiters used to separate user data from instructions or to warn the agent to ignore embedded commands within the requirement documents.
    • Capability inventory: The agent has file-write capabilities, outputting generated HTML files to the docs/{功能名称}/prototypes/ directory.
    • Sanitization: Absent; the skill does not specify any validation, escaping, or filtering of the ingested markdown content before it is interpolated into the generated HTML/JavaScript code.
  • [EXTERNAL_DOWNLOADS]: The skill generates HTML files that include a script reference to the Tailwind CSS CDN (https://cdn.tailwindcss.com). This is a reference to a well-known service essential for the skill's primary prototyping functionality and is considered a safe reference to a standard technology provider.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 22, 2026, 04:57 AM