ui-convert-writer-pencil
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill performs legitimate design automation tasks, converting structured IR data into design tool commands. No high-risk operations or malicious patterns were identified.
- [DATA_EXPOSURE]: The skill reads design metadata from .ui-convert/ir/ and manages state in registry.json. This local filesystem access is limited to the application's workspace and is consistent with the skill's documented purpose of design synchronization.
- [INDIRECT_PROMPT_INJECTION]: The skill represents a surface for indirect injection as it processes data from IR files to populate tool parameters (e.g., component names or text content).
  - Ingestion points: Reads IR artifacts from .ui-convert/ir/ files.
  - Boundary markers: None explicitly defined for interpolated design properties.
  - Capability inventory: Limited to Pencil MCP tools such as batch_design, set_variables, and get_screenshot.
  - Sanitization: None specified for the IR data nodes. Given the specialized nature of the target tool (UI design software), the risk of significant privilege escalation or exfiltration via this vector is minimal.
Audit Metadata