Skills
skills/bitjaru/styleseed/ui-setup/Gen Agent Trust Hub

ui-setup

Pass

Audited by Gen Agent Trust Hub on Apr 8, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches design specifications from a third-party GitHub repository (VoltAgent/awesome-design-md) using the WebFetch tool.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by processing external markdown content without sanitization or boundary delimiters.
  • Ingestion points: DESIGN.md files retrieved from the VoltAgent/awesome-design-md repository.
  • Boundary markers: Absent; there are no instructions to isolate or treat external data as untrusted.
  • Capability inventory: The skill allows access to powerful tools including Write, Edit, and Bash.
  • Sanitization: Absent; the agent is instructed to directly extract and apply parameters from the external file to the project's CSS files.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 8, 2026, 06:16 AM