frontend-design
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFE
Full Analysis
- [Data Exposure] (SAFE): The accessibility_checker.py script reads local HTML/JSX/TSX files within a specified project directory to perform accessibility audits. It does not access sensitive system files (e.g., SSH keys, env files) and contains no network exfiltration logic.
- [Remote Code Execution] (SAFE): No patterns of remote script downloading (curl/wget) or execution (bash/python pipe) were found. The script uses only Python standard libraries.
- [Command Execution] (SAFE): The skill does not utilize dangerous functions such as eval(), exec(), os.system(), or subprocess. It operates solely as a static analysis tool for code files.
- [Obfuscation] (SAFE): No hidden, encoded, or obfuscated content (e.g., Base64, zero-width characters) was detected in the scripts or markdown documentation.
- [Indirect Prompt Injection] (LOW): While the script processes untrusted project files, it performs static regex-based analysis and does not interpret file content as instructions for the agent, nor does it have capabilities that could be exploited through the data it reads.
Audit Metadata