frontend-design

Pass

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: LOW
Full Analysis
  • Prompt Injection (SAFE): The skill contains clear, objective instructions for code review without any attempts to override system safety protocols or bypass constraints.
  • Data Exposure & Exfiltration (SAFE): The allowed tools (view_file, view_file_outline, grep_search) are strictly read-only. There are no network capabilities or instructions that would facilitate the exfiltration of sensitive data.
  • Remote Code Execution (SAFE): There are no references to external scripts, remote downloads, or package installations.
  • Indirect Prompt Injection (INFO): The skill is designed to process external code files, which constitutes an injection surface. However, the risk is negligible (INFO) because the skill has no write or execute permissions and its output is purely advisory.
      • Ingestion points: Source code is read via view_file and grep_search.
      • Boundary markers: No specific delimiters are used to separate untrusted code from instructions.
      • Capability inventory: The skill is limited to read-only file system operations.
      • Sanitization: No explicit sanitization or filtering of input code is performed.
Audit Metadata
  • Risk Level: LOW
  • Analyzed: Feb 16, 2026, 06:53 AM