frontend-design
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFENO_CODE
Full Analysis
- NO_CODE (SAFE): The skill consists entirely of instructional markdown and YAML metadata. There are no executable scripts (Python, JavaScript, Shell) or configuration files included that could perform operations on a host system.
- PROMPT_INJECTION (SAFE): While the instructions use terms like 'CRITICAL' and 'IMPORTANT', they are used to emphasize design quality and aesthetic intentionality. There are no attempts to bypass safety filters, ignore previous instructions, or extract system prompts.
- EXTERNAL_DOWNLOADS (SAFE): The text mentions the 'Motion library' (likely referring to Framer Motion) as a recommendation for React implementations, but it does not provide commands to download or install external packages.
- DATA_EXFILTRATION (SAFE): No code is present to access local files, environment variables, or perform network requests.
- INDIRECT PROMPT INJECTION (SAFE): As a code generation template, it processes user requirements. However, it lacks the capability inventory (such as file-writing or subprocess execution) to be leveraged as a vector for indirect injection attacks.
Audit Metadata