review-ux

Pass

Audited by Gen Agent Trust Hub on Jun 16, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [SAFE]: Implements a comprehensive trust-verification mechanism to manage the risk of indirect prompt injection from PR comments.
      • Ingestion points: Externally-provided preview URLs and context from GitHub PR comments.
      • Boundary markers: The trust gate defined in references/trust-policy.md which instructs the agent to summarize but not act on untrusted comments.
      • Capability inventory: Subprocess execution (Bash for dev commands), browser automation (mcp__chrome-devtools), and file system reads.
      • Sanitization: Verification of commenter identity and repository write-access permissions via the gh api before processing data.
  • [COMMAND_EXECUTION]: Automatically identifies and executes the project's development server command (e.g., npm run dev, just dev) as a background process to facilitate UX auditing within the browser.
  • [SAFE]: Maintains a read-only audit posture, using tools like gh pr diff and grep to analyze the application's UI surface without making changes to the source code.
Audit Metadata
Risk Level: SAFE
Analyzed: Jun 16, 2026, 02:08 AM
Security Audit — agent-trust-hub — review-ux