frontend-design
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): Instructional keywords like 'CRITICAL' and 'IMPORTANT' are used to emphasize design quality and do not attempt to bypass safety protocols.
- Data Exposure & Exfiltration (SAFE): No sensitive file access or network communication patterns were identified.
- Unverifiable Dependencies (SAFE): Mentions of standard frameworks and libraries (React, Vue, Motion) are stylistic references and do not include commands for downloading or installing code from untrusted sources.
- Indirect Prompt Injection (SAFE): The skill possesses an ingestion surface for untrusted data as it processes user requirements to generate code, which is its primary intended function. While explicit sanitization is absent, the risk is managed by underlying agent guardrails and the generative nature of the task.
  1. Ingestion points: User-provided frontend requirements in SKILL.md.
  2. Boundary markers: Absent.
  3. Capability inventory: Generates functional HTML, CSS, and JS/React/Vue code.
  4. Sanitization: Absent.
Audit Metadata