ui-designer
Pass
Audited by Gen Agent Trust Hub on Feb 22, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): No instructions found that attempt to override agent behavior, bypass safety guidelines, or extract system prompts.
- Data Exposure & Exfiltration (SAFE): No hardcoded credentials or access to sensitive file paths (e.g., .ssh, .aws) detected. No network operations targeting external domains were identified.
- Command Execution (SAFE): The skill documentation identifies 'Bash' as an available tool for creating design specifications, but no specific or malicious shell commands are provided in the skill files.
- Indirect Prompt Injection (LOW): The skill has a defined attack surface for indirect injection.
  - Ingestion points: Processes user-provided UI design requirements and existing design files (SKILL.md).
  - Boundary markers: None explicitly defined in the provided instructions to delimit untrusted data.
  - Capability inventory: Includes high-privilege tools such as Read, Write, Edit, Bash, Glob, and Grep (SKILL.md).
  - Sanitization: No specific sanitization or validation logic for user-provided design input is documented.
Audit Metadata