frontend-design
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill includes two Python scripts,
scripts/accessibility_checker.pyandscripts/ux_audit.py. These scripts perform static analysis on local HTML, JSX, and TSX files to identify accessibility issues and UX design violations. - [DATA_EXPOSURE]: The scripts read local project files to perform audits. However, they do not include any network capabilities, and there is no evidence of data exfiltration or access to sensitive system files (e.g., SSH keys, credentials).
- [PROMPT_INJECTION]: The instructions in
SKILL.mdfocus on improving design quality and avoiding generic aesthetics. There are no attempts to override agent safety guidelines or extract system prompts. - [REMOTE_CODE_EXECUTION]: The skill does not download or execute code from remote servers. All scripts use standard Python libraries and operate strictly on local files.
- [INDIRECT_PROMPT_INJECTION]: While the auditing scripts process local files which could theoretically contain malicious instructions, the scripts only perform regex-based pattern matching and do not interpolate data into LLM prompts in an unsafe manner.
Audit Metadata