pencil-ui-design-system-layui

Pass

Audited by Gen Agent Trust Hub on Apr 6, 2026

Risk Level: SAFE | PROMPT_INJECTION | COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exposes a surface for indirect prompt injection because it ingests user-provided context to drive design automation without explicit safety boundaries.
    • Ingestion points: User prompts mentioning 'Pencil' and 'Layui' or 'layui-vue' trigger the skill's logic in SKILL.md.
    • Boundary markers: Absent; there are no instructions to delimit user input or disregard embedded instructions within the design request.
    • Capability inventory: The skill can modify file state and layout through the mcp__pencil__set_variables and mcp__pencil__batch_design tools.
    • Sanitization: Absent; the instructions do not specify validation or escaping for user-supplied design token names or component labels.
  • [COMMAND_EXECUTION]: The skill orchestrates the execution of Pencil MCP tools (open_document, set_variables, batch_design) to automate design tasks. This is standard behavior for the skill's purpose but involves modifying the local design environment.
  • [EXTERNAL_DOWNLOADS]: References official Layui documentation at https://layui.dev/ and https://layui.dev/docs/2/vue/ in references/official.md. These are well-known, authoritative domains for the targeted UI framework.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 6, 2026, 10:48 AM