UX Researcher
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill creates and maintains a local directory structure at
~/ux-researcher/to persist research outputs and session history. It performs file read and write operations within this specific path to manage documents likememory.md,personas.md, andjourney-map.md. - [PROMPT_INJECTION]: The skill uses detailed role-play instructions to establish a "UX Researcher" persona. These guidelines focus on output quality and methodology, instructing the agent to ground insights in industry patterns rather than inventing data.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface where untrusted data from the user (product descriptions, audience context) is processed and written to local files.
- Ingestion points: User-provided product descriptions and context during the setup phase and clarifying questions (
setup.md). - Boundary markers: Absent; there are no delimiters used to separate user data from skill instructions.
- Capability inventory: File-writing capabilities across multiple scripts to the
~/ux-researcher/directory. - Sanitization: Absent; the skill does not define methods for escaping or validating external content before it is used to generate file outputs.
Audit Metadata