skills/aladicf/better-web-ui/setup/Gen Agent Trust Hub

setup

Pass

Audited by Gen Agent Trust Hub on Apr 28, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection because it ingests untrusted data from project files (e.g., README.md, package.json, and documentation) to synthesize design principles.
      • Ingestion points: Project files and documentation are read to extract design context.
      • Boundary markers: No explicit delimiters are used to wrap the ingested content during processing.
      • Capability inventory: The skill possesses the capability to read project files and write to local markdown files (.better-web-ui.md and AGENTS.md).
      • Sanitization: There is no explicit sanitization or instruction-filtering for the content read from the codebase.
  • [DATA_EXFILTRATION]: No network exfiltration patterns were detected. The skill reads local project metadata and writes it back to a local configuration file within the same repository.
  • [CREDENTIALS_UNSAFE]: The skill does not access sensitive credential paths or environment variables; it focuses on public project configuration files such as package.json and components.json.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 28, 2026, 01:53 AM