frontend-design
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: CRITICAL
PROMPT_INJECTION NO_CODE
Full Analysis
- [PROMPT_INJECTION] (LOW): Indirect Prompt Injection vulnerability surface detected. The skill instructions direct the agent to ingest and follow data from 'docs/ui/requirements.md', which is an untrusted external source.
  * Ingestion points: 'docs/ui/requirements.md' referenced in SKILL.md.
  * Boundary markers: Absent; there are no instructions to treat the ingested file as data only or to ignore embedded instructions.
  * Capability inventory: The skill generates executable frontend code (HTML, JS, React), which could be manipulated via the requirements file to include malicious scripts.
  * Sanitization: Absent; no validation or escaping of the ingested content is specified.
- [NO_CODE] (SAFE): This is a prompt-only skill. It contains instructions for the AI agent but does not include scripts, binaries, or automated package installations.
- [SAFE] (SAFE): No hardcoded credentials, obfuscation, or persistence mechanisms were found in the provided skill definition.
Recommendations
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata