frontend-design
Pass
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: LOWPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION] (SAFE): The use of 'CRITICAL' and 'IMPORTANT' markers is strictly instructional, focusing on aesthetic intentionality and implementation complexity rather than attempting to bypass AI safety filters or override system prompts.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill accepts untrusted user input in the form of 'frontend requirements' to generate executable code.
- Ingestion points: The 'user provides frontend requirements' section in SKILL.md.
- Boundary markers: Absent. There are no instructions to use delimiters or ignore instructions embedded within the user's requirements.
- Capability inventory: The skill encourages generating 'real working code' including HTML, CSS, and JS, as well as React and Vue components.
- Sanitization: Absent. There are no guidelines to sanitize the input requirements to prevent the generation of malicious scripts (e.g., XSS) if the user provides them.
- [EXTERNAL_DOWNLOADS] (INFO): Mentions 'anime.js' and 'Motion library' as recommended tools. No automated installation scripts or remote URLs were found in the analyzed file.
Audit Metadata