ux-writing

Pass

Audited by Gen Agent Trust Hub on May 31, 2026

Risk Level: SAFENO_CODE
Full Analysis
  • [SAFE]: The skill consists of Markdown documentation, templates, and reference materials. No malicious scripts or instructions were found in the skill body.\n- [SAFE]: All external links and resources (e.g., Figma integration, Smithery, GitHub) point to legitimate and well-known services or the author's own official repositories.\n- [NO_CODE]: The skill does not contain any executable code for the agent to run; it functions as a prompt-based knowledge base and methodology for the agent to follow.\n- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection as it is designed to ingest and process external UI content from Figma links (ingestion point: docs/figma-integration.md). Boundary markers to isolate processed content are absent in the skill instructions. The capabilities available in target environments like Claude Code or Cursor include file system and shell access. No specific sanitization or filtering of external content is defined within the skill itself. However, this risk is inherent to the intended primary purpose of auditing interface copy and is not indicative of malicious intent.
Audit Metadata
Risk Level
SAFE
Analyzed
May 31, 2026, 03:08 AM
Security Audit — agent-trust-hub — ux-writing