ui-mockup-builder
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
PROMPT_INJECTION, NO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface through the processing of repository-based design assets.
- Ingestion points: Step 1 in SKILL.md mandates that the agent scan the repository for existing design systems, UI libraries, and tokens (e.g., in design/, docs/design-system/, or tokens/).
- Boundary markers: The skill lacks specific delimiters or instructions to ignore potential commands embedded within these external files, which could lead the agent to follow malicious instructions contained in design configurations.
- Capability inventory: The agent has the capability to write various documentation and specification files (Markdown, JSON, HTML) to the repository's docs/mockups/ path.
- Sanitization: No sanitization or validation logic is defined to check the integrity of data read from existing files before it is used to generate new documentation.
Audit Metadata