aesthetic
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION] (HIGH): Indirect Prompt Injection vulnerability through external data ingestion.
- Ingestion points: The skill explicitly instructs the agent to browse and capture screenshots from external inspiration sites (Dribbble, Mobbin, Behance, Awwwards) in 'Workflow 1'.
- Boundary markers: Absent. There are no instructions to delimit external content or to ignore potential instructions embedded within the analyzed visual or textual data.
- Capability inventory: The skill leverages high-privilege integrations including 'web-frameworks' (building Next.js apps), 'ui-styling' (writing CSS/Tailwind), and 'media-processing' (executing FFmpeg and ImageMagick commands).
- Sanitization: None detected. Extracted design patterns and findings from external sites are directly interpolated into design prompts and implementation workflows.
- Risk: An attacker-controlled website could include 'invisible' or subtle instructions that the agent extracts during the analysis phase, potentially leading to the generation of malicious code or the execution of unintended system commands via media tools.
Recommendations
- AI detected serious security threats
Audit Metadata