ux-prototyping
Pass
Audited by Gen Agent Trust Hub on Jun 16, 2026
Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill reads data from external files such as 'specs/architecture/ux.md' to generate interactive HTML/JavaScript prototypes, which creates an indirect prompt injection surface.
  * Ingestion points: The skill reads from user-specified file paths like 'specs/architecture/ux.md' as defined in SKILL.md.
  * Boundary markers: Absent; there are no instructions to the agent to treat the specification content as data-only or to ignore instructions embedded within it.
  * Capability inventory: The skill performs file system write operations to '/mnt/user-data/outputs/prototype.html'.
  * Sanitization: Absent; the skill lacks validation or escaping logic for the content it extracts from the external specifications.
- [COMMAND_EXECUTION]: The skill involves script generation and file system operations to read source documents and save the resulting interactive prototypes.
  * Evidence: SKILL.md workflow steps 1 and 4 specify reading from and writing to the local file system.
Audit Metadata