frontend-ui-ux
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection.
- Ingestion points: The {{ARGUMENTS}} placeholder in SKILL.md captures arbitrary user input.
- Boundary markers: There are no delimiters or 'ignore embedded instructions' warnings around the interpolated input.
- Capability inventory: The skill can spawn sub-agents (oh-my-codex:designer) and invoke MCP tools (mcp__g__ask_gemini).
- Sanitization: No sanitization or validation of the input is performed before it is passed to the downstream agent or tool.
Audit Metadata