frontend-design
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): The skill uses instructional markers like 'CRITICAL' and 'IMPORTANT' to emphasize design principles. These are standard prompt engineering techniques and do not attempt to bypass safety filters or override agent behavior in a malicious way.
- Data Exposure & Exfiltration (SAFE): No hardcoded credentials, sensitive file paths, or network operations (e.g., curl, fetch) were detected in the instructions.
- Unverifiable Dependencies & Remote Code Execution (SAFE): The skill does not reference external packages or scripts, nor does it perform any remote code execution. It is a text-based instruction set for code generation rather than a tool for execution.
- Indirect Prompt Injection (SAFE): While the skill processes user-provided 'frontend requirements,' it lacks exploitable capabilities such as file-system access, network operations, or shell execution. The risk of data-driven instruction override is negligible in this context.
Audit Metadata