ui-skills
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE COMMAND_EXECUTION PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the mcp__kimi__spawn_agent tool to delegate UI implementation tasks. This involves spawning a secondary agent with a dynamically generated prompt to perform file-writing operations at a specified targetPath.
- [PROMPT_INJECTION]: The skill employs high-authority language ('MANDATORY', 'MUST', 'NEVER') and explicit 'Anti-pattern' warnings to override default agent behaviors and enforce strict adherence to its UI constraints.
- [PROMPT_INJECTION]: The skill processes external files via the /ui-skills <file> command to perform compliance reviews. It lacks explicit boundary markers or sanitization logic when ingesting these files, creating a potential surface for indirect prompt injection where malicious content within the analyzed file could influence the agent's behavior during the review process.
Audit Metadata