tui-loading
Pass
Audited by Gen Agent Trust Hub on Apr 6, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill in SKILL.md provides a structured template for generating UI component specifications and drawing commands. These commands use a restricted domain-specific language (DSL) intended for the Pencil MCP tool and do not involve arbitrary shell or system command execution.
- [SAFE]: There are no patterns indicating network exfiltration or access to sensitive files like credentials or SSH keys within SKILL.md.
- [SAFE]: The workflow relies on a structured JSON input model, which minimizes the attack surface for indirect prompt injection compared to processing free-form text.
- [SAFE]: References to external rules (e.g., tui-front-ui) and tools (Pencil MCP) are consistent with the skill's stated purpose as a developer tool for UI design.
Audit Metadata