frontend-design
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- Prompt Injection (SAFE): The instructions use terms like 'CRITICAL' and 'IMPORTANT' to emphasize design quality and aesthetic intentionality. There are no attempts to bypass safety filters or override system instructions.
- Data Exposure & Exfiltration (SAFE): No access to sensitive files, hardcoded credentials, or network operations are present in the skill definition.
- Remote Code Execution (SAFE): The skill does not define any external dependencies, package installations, or remote script downloads.
- Indirect Prompt Injection (INFO): The skill identifies user-provided requirements as the primary data source. Ingestion points: User input in the form of component or app requirements. Boundary markers: None. Capability inventory: Generates frontend code (HTML/CSS/JS) for display/copying; no active file system or network capabilities. Sanitization: Not applicable as the skill is a stylistic prompt.
- Obfuscation (SAFE): All text is human-readable markdown with no encoded or hidden characters detected.
Audit Metadata