frontend-design
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): The use of markers like 'CRITICAL' and 'IMPORTANT' is strictly instructional regarding design quality and does not attempt to bypass agent safety filters or override system-level instructions.
- Data Exposure & Exfiltration (SAFE): No hardcoded credentials, sensitive file path access, or network operations were detected in the skill instructions.
- Remote Code Execution & Dependencies (SAFE): The skill does not perform any external downloads or execute remote scripts. It mentions libraries like 'Motion' as suggestions for generated code but does not facilitate their installation in an unsafe manner.
- Indirect Prompt Injection (LOW): The skill ingests user requirements to generate code, which is a standard surface for injection. However, it lacks capabilities to perform dangerous operations (like file writes or network calls) based on that input.
- Obfuscation (SAFE): No encoded strings, zero-width characters, or hidden content were found.
Audit Metadata