web-design-engineer
Pass
Audited by Gen Agent Trust Hub on May 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's behavior is consistent with its stated purpose and adheres to security best practices.
- [EXTERNAL_DOWNLOADS]: Fetches web development libraries from well-known providers including unpkg.com, jsdelivr.net, and d3js.org. These include React, Babel, and data visualization tools, which are standard for web prototyping. The skill proactively recommends using integrity hashes for these downloads.
- [DYNAMIC_EXECUTION]: Employs Babel Standalone for browser-side JSX transpilation in React prototypes, which is a legitimate and common technique for self-contained demonstrations.
- [INDIRECT_PROMPT_INJECTION]: The skill gathers design context from external sources to ensure visual consistency.
- Ingestion points: User-provided codebases, design assets, and screenshots (File:
SKILL.md). - Boundary markers: Not explicitly defined in instructions.
- Capability inventory: Agent is authorized to generate and modify HTML, CSS, and JavaScript files (File:
SKILL.md). - Sanitization: Not explicitly described for context processing. This ingestion is a standard functional requirement for the skill.
Audit Metadata