web-design-engineer
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFE PROMPT_INJECTION EXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches frontend libraries (React, Babel, Chart.js, etc.) from well-known CDN services like unpkg.com and jsdelivr.net. The skill follows security best practices by providing Subresource Integrity (SRI) hashes for the core React and Babel scripts to ensure the integrity of the downloaded code.
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection as it is designed to ingest and process untrusted external data to inform its design decisions.
  - Ingestion points: The agent is instructed in SKILL.md to review resources provided by the user, such as PRDs, screenshots, existing project codebases, and industry reference sites.
  - Boundary markers: The instructions do not define explicit delimiters or warnings to ignore potential embedded instructions within these external resources.
  - Capability inventory: The skill has the capability to generate and suggest the rendering of complex HTML, CSS, and JavaScript/React code based on these inputs.
  - Sanitization: There is no mention of sanitizing or validating the content extracted from external resources before it influences the agent's code generation.
Audit Metadata