tailwind
Pass
Audited by Gen Agent Trust Hub on Jun 14, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides instructions for executing the
hyperframesCLI tool vianpxto perform project maintenance tasks such aslint,validate,inspect, andrender. These are standard operations within the tool's defined development workflow. - [EXTERNAL_DOWNLOADS]: The skill specifies the use of the
@tailwindcss/browser@4.2.4package as a styling dependency for the browser runtime environment. This is an official, well-known resource from Tailwind Labs. - [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection as it processes user requirements to generate HTML and CSS content which is then passed to CLI tools.
- Ingestion points: User prompts requesting Tailwind utility classes or project scaffolding in
SKILL.md. - Boundary markers: None present in the current instruction set.
- Capability inventory: File system access and shell execution via the
npx hyperframesCLI commands inSKILL.md. - Sanitization: No explicit sanitization or validation of generated code is defined before CLI execution.
Audit Metadata