frontend-design
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- General Security (SAFE): The skill is entirely instructional and does not contain any executable commands, subprocess calls, or scripts. It focuses on the creative and structural aspects of web development (HTML/CSS/React).
- Data Exposure & Exfiltration (SAFE): No network operations (curl, wget, fetch) or access to sensitive local file paths (credentials, env files) were identified.
- Remote Code Execution (SAFE): There are no patterns involving the download or execution of remote scripts or unverified dependencies.
- Indirect Prompt Injection (INFO): The skill processes user-provided project requirements to generate design output. However, since the skill has no side-effect capabilities such as file modification or network communication, the risk associated with processing untrusted data is negligible.
Audit Metadata