NYC

aesthetic-analysis

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: HIGH
Findings: EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
  • EXTERNAL_DOWNLOADS (HIGH): The skill utilizes 'mcp-playwright' from 'https://github.com/executeautomation/mcp-playwright'. This source is not within the whitelisted Trusted GitHub Organizations or Repositories, posing a supply-chain risk for tools with system-level access.
  • REMOTE_CODE_EXECUTION (HIGH): The skill deconstructs remote websites and writes 'the implementation to the target file' in the local codebase. Because the generated React Native code incorporates data from untrusted external URLs, it creates a direct pipeline for remote code injection into the local development environment.
  • PROMPT_INJECTION (LOW): There is a high risk of Indirect Prompt Injection (IPI). 1. Ingestion points: Remote content accessed via Playwright MCP. 2. Boundary markers: None present. 3. Capability inventory: Reads/Writes local .tsx files and performs network operations. 4. Sanitization: None provided; the agent is instructed to 'analyze deeply' and 'match colors/interactions' from the untrusted source.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 17, 2026, 05:24 PM