frontend-design
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWPROMPT_INJECTION
Full Analysis
- [Prompt Injection] (LOW): The skill handles untrusted external content (user briefs and concepts) which is then interpolated into generated frontend code. This creates a surface for indirect prompt injection. Ingestion points: User-provided 'concept or brief' and 'technical constraints' in SKILL.md. Boundary markers: None provided in the instructions. Capability inventory: Generates functional HTML, CSS, JS, React, and Vue code. Sanitization: No input validation or sanitization instructions are present to prevent malicious scripts in the generated output.
Audit Metadata