frontend-designer
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses npx shadcn to initialize projects and add components, as well as grep to scan local files for code patterns. These are standard developer operations and are restricted to the context of the requested project files.
- [EXTERNAL_DOWNLOADS]: The skill fetches assets and configurations from the well-known shadcn/ui registry and the npm package registry. These resources are trusted and essential for modern frontend development stacks.
- [PROMPT_INJECTION]: The skill presents a surface for indirect prompt injection (Category 8) because it ingests local file content for auditing and refactoring. The evidence chain is as follows: 1) Ingestion points: local .tsx, .jsx, and .css files; 2) Boundary markers: absent; 3) Capability inventory: npx command execution and file-write operations (SKILL.md); 4) Sanitization: absent. However, the skill provides mitigation through a mandatory user approval gate before executing code changes in Refactor mode and a read-only policy for Audit mode.
Audit Metadata