canvas-apps-ui-gen
Pass
Audited by Gen Agent Trust Hub on Mar 23, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements a robust, multi-stage workflow that delegates specialized tasks (layout, controls, styling) to secondary agents. This design pattern uses controlled inputs and local reference files to ensure consistency and safety.
- [COMMAND_EXECUTION]: Uses the
Bashtool exclusively for the removal of internal temporary files (temp-skeleton.md,temp-design-spec.md, etc.) created during the generation process. This usage is restricted to the skill's own output directory and serves a legitimate cleanup purpose. - [DATA_EXFILTRATION]: Includes explicit safety instructions to prevent the exposure of real data source names or connection strings in the generated YAML, using generic sample data collection (
colSampleData) instead. - [PROMPT_INJECTION]: The instructions are focused on UI/UX analysis and code generation. There are no patterns identified that attempt to override system prompts, bypass safety filters, or adopt unrestricted personas.
Audit Metadata