Skills
skills/synkraai/aios-core/aiox-ux-design-expert/Gen Agent Trust Hub

aiox-ux-design-expert

Pass

Audited by Gen Agent Trust Hub on Mar 22, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The activation protocol triggers the execution of a local script using Node.js: node .aiox-core/development/scripts/generate-greeting.js ux-design-expert. This command is used to generate the agent's initial greeting at runtime.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it designates external markdown files as its primary 'source of truth' for instructions.
  • Ingestion points: Loads instructions from .aiox-core/development/agents/ux-design-expert.md or .codex/agents/ux-design-expert.md.
  • Boundary markers: None identified; instructions from external files are loaded directly into the context without delimiters or 'ignore instructions' warnings.
  • Capability inventory: Capability to execute shell commands via node.
  • Sanitization: No validation or sanitization logic is specified for the content of the loaded files.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 22, 2026, 03:38 PM