frontend-design
Pass
Audited by Gen Agent Trust Hub on May 20, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is primarily instructional, providing design philosophy, CSS snippets, and engineering best practices. It does not contain any executable scripts or dangerous command patterns.
- [DATA_EXPOSURE]: No hardcoded credentials, API keys, or access to sensitive local files were detected. Code examples involving data fetching (e.g., in the Redux or React Query sections) are intended for the user's application code and are not executed by the agent for exfiltration.
- [REMOTE_CODE_EXECUTION]: The skill does not perform any remote script downloads or automated software installations. References to package managers (like npm or vite) appear exclusively within documentation and migration guides for the user to follow manually.
- [PROMPT_INJECTION]: No instructions were found that attempt to bypass safety filters, extract system prompts, or override agent behavior beyond the intended scope of design consultation.
- [INDIRECT_PROMPT_INJECTION]: The skill includes a protocol to read a project-specific configuration file (
.impeccable.md) to gather design context. While this is an ingestion point for external data, it is used for its primary design-related purpose and does not expose the agent to high-risk capabilities through this input.
Audit Metadata