frontend-design
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [Prompt Injection] (SAFE): The instructions use 'CRITICAL' and 'IMPORTANT' labels to emphasize design principles, not to bypass safety guardrails. No adversarial patterns or instructions to ignore system rules were detected.
- [Data Exposure] (SAFE): No hardcoded credentials, sensitive file paths (e.g., .env, .ssh), or unauthorized network operations are present.
- [Remote Code Execution] (SAFE): No package managers (npm, pip) or remote script fetching/execution patterns (curl, wget) are used.
- [Indirect Prompt Injection] (LOW): The skill is designed to ingest user prompts for UI generation, creating a surface for indirect prompt injection. Ingestion points: User-provided design descriptions. Boundary markers: None specified. Capability inventory: Generation of HTML/CSS/JS artifacts. Sanitization: None specified. This is a low-risk surface inherent to the skill's creative purpose.
Audit Metadata