ui-ux-pro-max
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [Privilege Escalation] (LOW): Instructions advise using 'sudo apt install' for Linux users to install Python. While standard for environment setup, it involves elevated privileges.
- [Indirect Prompt Injection] (LOW): The skill ingests data from a local search tool which serves as an attack surface for untrusted content. 1. Ingestion points: Output from 'search.py' script. 2. Boundary markers: Absent in the workflow description. 3. Capability inventory: Subprocess execution of Python scripts and implementation of generated code. 4. Sanitization: No sanitization or delimiter-based isolation mentioned.
- [Command Execution] (SAFE): The skill performs routine execution of its internal 'search.py' script to retrieve design data.
Audit Metadata