UX Wireframe Designer
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- [NO_CODE]: The skill is composed entirely of Markdown-based instructions and documentation. It contains no scripts, binaries, or configuration files that could trigger code execution.
- [EXTERNAL_DOWNLOADS]: The skill includes reference links to well-known technology and design resources, including the Nielsen Norman Group, W3C (Web Accessibility Initiative), Mermaid.js, and official design guidelines from Apple, Google, and Microsoft. These are used for instructional context and do not involve automated downloads or execution of remote code.
- [PROMPT_INJECTION]: The skill defines an attack surface for indirect prompt injection as it processes user-provided content (
user_stories). - Ingestion points: The
user_storiesfield inSKILL.mdis used to provide the source material for design. - Boundary markers: Absent; the instructions do not specify the use of delimiters when processing the input content.
- Capability inventory: Purely text and diagrammatic generation (Mermaid, SVG, ASCII). The skill lacks executable scripts or dangerous system capabilities.
- Sanitization: Absent; the skill does not specify any sanitization or validation of the input content before processing.
Audit Metadata