frontend-design
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): The markers 'CRITICAL' and 'IMPORTANT' are used in a benign instructional context to emphasize design quality and aesthetic intentionality, rather than attempting to override system safety protocols.
- [Indirect Prompt Injection] (LOW): The skill possesses an attack surface where untrusted user input could influence generated code behavior.
- Ingestion points: The skill takes 'frontend requirements' from the user to build components and applications.
- Boundary markers: Absent. There are no explicit instructions to the agent to treat user-provided data as data only or to ignore embedded instructions within those requirements.
- Capability inventory: The skill is designed to output functional React, Vue, HTML, and JS code, which may be executed in the user's browser or development environment.
- Sanitization: Absent. The instructions do not guide the agent to sanitize or escape user-provided content before interpolating it into the generated code.
- [External Downloads] (SAFE): The skill suggests the use of the 'Motion library' (Framer Motion) for React, which is a standard industry dependency, and does not perform unverified or automated downloads of executable scripts.
Audit Metadata