ui-ux-spec-genome
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes local CLI tools including bash, ripgrep (rg), and python3 for source code analysis and documentation scaffolding. The implementation includes safety checks, such as using 'set -euo pipefail' and path validation in installation scripts, to ensure operations are contained and secure.
- [EXTERNAL_DOWNLOADS]: The skill documentation provides an optional installation path using the 'openskills' utility to fetch the skill from the vendor's official GitHub repository. This process is transparent and utilizes the author's own infrastructure for delivery.
- [DATA_EXFILTRATION]: The included scanner script inventories file paths and code patterns. The skill identifies this data as sensitive and provides a dedicated 'redaction-guide.md' to help users sanitize the output before sharing it. No unauthorized network activity or data transmission was detected.
- [PROMPT_INJECTION]: The 'SKILL.md' file includes explicit guardrails for the agent, advising against the automatic execution of commands found in scanned documentation, which helps maintain a secure boundary when interacting with untrusted source code.
Audit Metadata