form-design
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- PROMPT_INJECTION (SAFE): The skill contains no instructions designed to bypass agent safety filters or override system prompts. It uses standard instructional language for UI design patterns.
- DATA_EXFILTRATION (SAFE): No network operations (curl, wget, fetch) or sensitive file path access (SSH keys, credentials) were detected. All external links are to reputable documentation sources (MDN, Nielsen Norman Group, WebAIM, Google Material Design).
- REMOTE_CODE_EXECUTION (SAFE): There are no patterns of remote script execution or package installation commands. The provided code snippets are static React/TSX examples for UI layout.
- CREDENTIALS_UNSAFE (SAFE): No hardcoded API keys, tokens, or secrets were found. Placeholders used in examples (e.g., 'user@example.com') are benign.
- OBFUSCATION (SAFE): No multi-layer Base64, zero-width characters, or homoglyph-based evasion techniques were identified after scanning all markdown files.
- INDIRECT_PROMPT_INJECTION (SAFE): The skill does not ingest external or untrusted data; it provides static guidelines for the agent to follow when generating form code.
Audit Metadata