frontend-design
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): Instructional markers like 'CRITICAL' and 'IMPORTANT' are used strictly for aesthetic guidance and do not attempt to bypass safety filters or override system behavior.
- Data Exposure & Exfiltration (SAFE): No patterns detected for accessing sensitive files, environment variables, or performing network exfiltration.
- Unverifiable Dependencies & Remote Code Execution (SAFE): The skill mentions common frontend frameworks (React, Vue) and the Framer Motion library as design targets, but does not perform installations or execute remote code.
- Persistence & Privilege Escalation (SAFE): No commands found that attempt to gain elevated permissions or persist across sessions.
- Indirect Prompt Injection (LOW):
  - Ingestion points: The skill processes user-provided frontend requirements to generate code (SKILL.md).
  - Boundary markers: No explicit delimiters or warnings provided for separating user input from system instructions.
  - Capability inventory: The skill is limited to generating frontend code (HTML/CSS/JS) as text output.
  - Sanitization: No sanitization of user-provided input is described.