product-design
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: A static analysis flag was raised for
practices/component-patterns/disable-dont-hide.mdregarding action concealment. Manual inspection confirms this is a false positive; the file describes UI design principles for when to disable versus hide interactive elements in software interfaces and does not contain instructions to override agent behavior. - [COMMAND_EXECUTION]: The skill includes a bash script
scripts/validate-skill-references.sh. Review of the code confirms it is a repository maintenance tool that validates file existence and frontmatter consistency. It does not perform network operations, access sensitive paths, or execute external input. - [DATA_EXFILTRATION]: No network-capable commands (like curl or wget) or sensitive file access patterns were detected in the skill's instructions or scripts.
- [EXTERNAL_DOWNLOADS]: The skill does not reference or download any external dependencies or packages.
Audit Metadata