create-ux-design
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to Indirect Prompt Injection (Category 8) due to its core functionality of ingesting and summarizing external project documentation.
- Ingestion points: In
references/steps/step-01-init.md, the skill identifies and loads various local files including*brief*.md,*prd*.md, andproject-context.mdto establish project context. - Boundary markers: The skill instructions do not define clear delimiters or use instructions to isolate the content of these external files, meaning the LLM may accidentally obey instructions embedded within the loaded documents.
- Capability inventory: The skill possesses file-writing capabilities, allowing it to create and append to Markdown files and generate HTML visualizers (e.g.,
ux-design-specification.md,ux-color-themes.html,ux-design-directions.html) as noted inreferences/steps/step-01-init.md,references/steps/step-08-visual-foundation.md, andreferences/steps/step-09-design-directions.md. - Sanitization: There is no evidence of content sanitization or validation performed on the ingested text before it is presented to the model or saved to the output files.
Audit Metadata