tailwind

Pass

Audited by Gen Agent Trust Hub on Jun 14, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides instructions for executing the hyperframes CLI tool via npx to perform project maintenance tasks such as lint, validate, inspect, and render. These are standard operations within the tool's defined development workflow.
  • [EXTERNAL_DOWNLOADS]: The skill specifies the use of the @tailwindcss/browser@4.2.4 package as a styling dependency for the browser runtime environment. This is an official, well-known resource from Tailwind Labs.
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection as it processes user requirements to generate HTML and CSS content which is then passed to CLI tools.
  • Ingestion points: User prompts requesting Tailwind utility classes or project scaffolding in SKILL.md.
  • Boundary markers: None present in the current instruction set.
  • Capability inventory: File system access and shell execution via the npx hyperframes CLI commands in SKILL.md.
  • Sanitization: No explicit sanitization or validation of generated code is defined before CLI execution.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 14, 2026, 06:40 AM
Security Audit — agent-trust-hub — tailwind