front-a11y

Pass

Audited by Gen Agent Trust Hub on Apr 28, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: Potential for Indirect Prompt Injection. The skill processes frontend source files (HTML, Vue, JSX, Svelte, Astro) which are untrusted data. A malicious file could contain instructions designed to hijack the agent's session.
      • Ingestion points: Source files are read using the Read tool as specified in SKILL.md.
      • Boundary markers: The instructions do not define clear boundaries or 'ignore' commands for the content being audited.
      • Capability inventory: The skill uses Edit and Write tools to modify files in 'fix' mode, which could be exploited to write unauthorized content if the agent is manipulated.
      • Sanitization: No content sanitization is performed on the input files before they are processed by the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 28, 2026, 01:52 PM