ux-writing
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWSAFE
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill identifies a workflow where it reads 'target file(s)' provided by the user to perform text reviews. Since these files are external and untrusted, they could contain malicious instructions intended to mislead the agent (Indirect Prompt Injection).
- Ingestion points: SKILL.md (Review workflow step 1: 'Read the target file(s)').
- Boundary markers: Absent; there are no specific delimiters or instructions to ignore embedded commands within the UI text being reviewed.
- Capability inventory: None; the skill's capabilities are limited to reporting text findings and drafting new text. It has no access to shell execution, network requests, or persistent file modifications.
- Sanitization: Absent; the skill does not explicitly sanitize or validate the content of the target files before processing.
- [Data Exposure & Exfiltration] (SAFE): No evidence of hardcoded credentials, sensitive path access, or network calls to external domains was found.
- [Remote Code Execution] (SAFE): The skill does not download external scripts or execute dynamic code at runtime.
- [Obfuscation] (SAFE): No encoded strings, homoglyphs, or hidden Unicode characters were detected in the source files.
Audit Metadata