ui-skills
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW (PROMPT_INJECTION)
Full Analysis
- [Prompt Injection] (LOW): The skill contains an indirect prompt injection surface through its file review functionality.
- Ingestion points: The /ui-skills <file> command processes untrusted external data provided in file format.
- Boundary markers: The instructions do not specify any delimiters or safety constraints to prevent the agent from obeying instructions embedded within the reviewed files.
- Capability inventory: The skill's primary capability is generating text-based code reviews and code suggestions; it does not have direct write access to the filesystem or execution capabilities.
- Sanitization: No sanitization or filtering of the input file content is implemented.
- [Safe] (INFO): No evidence of hardcoded credentials, data exfiltration, obfuscation, or persistence mechanisms was found. The skill operates within the context of UI design guidance.