frontend-design
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill provides extensive design documentation and instructions for using established frontend frameworks. No malicious code, hardcoded credentials, or unauthorized network operations were identified.
- [PROMPT_INJECTION]: Heuristic detections of actions concealment were reviewed and confirmed as false positives.
- The references to "concealment" in reference/marketing-copywriting.md and reference/interface-honesty.md appear in the context of advising designers to avoid using "dark patterns" and deceptive interface practices.
- [EXTERNAL_DOWNLOADS]: The skill references the installation of standard, legitimate frontend packages from established registries and official documentation.
- Packages include sonner, vaul, and motion-v, which are standard in the referenced ecosystems.
- Documentation links point to official domains such as nextjs.org and react.dev.
- [COMMAND_EXECUTION]: The skill guides the use of official CLI tools for project setup and maintenance.
- Includes usage of the shadcn/ui CLI and official Next.js codemods for project configuration.
- [DATA_EXFILTRATION]: No patterns of unauthorized data collection or exfiltration were found. The skill includes explicit instructions for handling secrets in .env files, which is a standard security best practice.
Audit Metadata