ui-audit
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- SAFE (SAFE): No malicious patterns or instructions were detected across any of the 22 files. The content is strictly educational and instructional regarding UX/UI design principles.
- NO_CODE (SAFE): The skill contains no executable logic (Python or Node.js scripts) other than a benign post-install echo command in the package.json. This eliminates the risk of Remote Code Execution (RCE), Data Exfiltration, or Privilege Escalation within the skill itself.
- PROMPT_INJECTION (SAFE): The instructions in SKILL.md and README.md are clearly focused on the stated purpose of UI auditing. There are no attempts to bypass safety filters, extract system prompts, or override agent behavior.
- DATA_EXPOSURE (SAFE): No hardcoded credentials, API keys, or sensitive file path references were found in the skill content.
- INDIRECT_PROMPT_INJECTION (SAFE): While the skill is designed to process external UI designs (e.g., Figma URLs), it does not provide the agent with any technical capabilities (like file writing or network requests) that could be exploited via malicious text embedded in those designs.
Audit Metadata