pencil-ui-designer

Pass

Audited by Gen Agent Trust Hub on Apr 6, 2026

Risk Level: SAFE, NO_CODE
Full Analysis
  • [SAFE]: The skill functions as an orchestration layer to classify user intent and route to appropriate design system handlers. No indicators of data exfiltration, unauthorized command execution, or obfuscation were found.
  • [PROMPT_INJECTION]: The skill processes user requests to determine target frameworks.
      1. Ingestion points: User requests are parsed during the intent classification step in SKILL.md.
      2. Boundary markers: The instructions do not define explicit delimiters for untrusted input.
      3. Capability inventory: The skill coordinates design-specific MCP tools (e.g., open_document, batch_design).
      4. Sanitization: No explicit validation of framework names is present.
    The risk of indirect injection is minimal given the design-focused scope of the capabilities.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 6, 2026, 10:48 AM