ui-designer
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Command Execution] (SAFE): The skill executes a read-only bash command (find and grep) to detect the presence of a React project environment. This is a standard diagnostic operation for local development skills.
- [Indirect Prompt Injection] (LOW): The skill processes untrusted user-provided content (UI screenshots and project idea documents) by interpolating them into prompt templates for sub-agents.
  1. Ingestion points: Visual data from reference images and text from project idea files.
  2. Boundary markers: Templates utilize XML-like tags (e.g., <context>, <app-overview>) to wrap user data.
  3. Capability inventory: File system writes to documents/, bash environment checks, and invocation of the Task tool for sub-agents.
  4. Sanitization: No explicit input sanitization or safety-specific 'ignore' instructions are applied to the interpolated content.
- [External Downloads] (SAFE): The skill suggests several well-known and trusted Node.js packages (Tailwind CSS, Lucide React) to the user for manual installation but does not automate their installation through potentially unsafe script execution.
Audit Metadata