ux-writing
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- PROMPT_INJECTION (SAFE): No instructions attempting to bypass safety filters or override agent behavior were found. The skill adheres to its stated purpose of providing UX writing guidance.
- DATA_EXFILTRATION (SAFE): No unauthorized file access, network operations, or hardcoded credentials were detected. The skill does not access sensitive system paths.
- REMOTE_CODE_EXECUTION (SAFE): No remote downloads or execution of external scripts were identified. The validation script is self-contained.
- COMMAND_EXECUTION (SAFE): The provided Python script (
validate.py) is limited to local file structure checks and configuration validation usingyaml.safe_load(). It does not execute arbitrary shell commands or spawn untrusted subprocesses. - INDIRECT_PROMPT_INJECTION (LOW): The skill processes user-provided context to generate microcopy. While this provides an ingestion point for untrusted data, the skill lacks high-risk capabilities (such as network access or file system write permissions), which mitigates the risk of successful exploitation.
Audit Metadata