ui-ux-pro-max
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill operates entirely locally using Python's standard library to search and retrieve UI/UX design data from bundled CSV files.
- [COMMAND_EXECUTION]: The skill instructions in
SKILL.mdrecommend standard environment setup commands for the user (e.g.,brew install,apt install,winget install) to ensure Python is available. These are documented for the user and are not executed autonomously by the agent in a hidden or malicious manner. - [DATA_EXPOSURE_EXFILTRATION]: No network-capable modules (like
requestsorurllib) or exfiltration patterns were found. File access is strictly limited to the skill's own data directory using relative path calculations inscripts/core.py. - [PROMPT_INJECTION]: While the skill contains a
prompts.csvfile with AI-oriented keywords, these are intended as design templates for the agent to assist with UI generation and do not contain instructions to bypass safety filters or ignore system prompts. - [INDIRECT_PROMPT_INJECTION]: The skill processes internal CSV data. While it lacks explicit boundary markers when returning search results to the agent, the data sources are static, local files provided within the skill package, significantly limiting the risk of external data poisoning.
Audit Metadata