ux-audit
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill operates within its defined scope of web auditing and reporting without executing unauthorized commands or exfiltrating data.\n- [PROMPT_INJECTION]: The skill's workflow involves ingesting untrusted content from external websites, which is an inherent risk for indirect prompt injection.\n
- Ingestion points: Target website content retrieved during the crawl phase (
SKILL.md).\n - Boundary markers: No specific delimiters or safety warnings are used to wrap the ingested external content.\n
- Capability inventory: The skill can read external data through MCP tools and write report files locally (
SKILL.md).\n - Sanitization: There are no explicit instructions for filtering or sanitizing the retrieved web data.
Audit Metadata