ui-convert-writer-penpot
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or unauthorized access attempts were found. The skill operates within a controlled environment using established MCP tool signatures for design creation.
- [SAFE]: The skill does not access sensitive credentials or system files. Its use of a registry.json file is a legitimate mechanism for tracking state and ensuring idempotency in the conversion pipeline.
- [PROMPT_INJECTION]: The skill possesses an attack surface for indirect prompt injection via the processing of external Design IR data.
  - Ingestion points: External IR JSON files described as the input for the writer process in the SKILL.md file.
  - Boundary markers: None explicitly defined in the provided instructions to isolate user-controlled data from agent instructions.
  - Capability inventory: MCP tool calls for project management, node creation, and element manipulation in Penpot as defined in references/penpot-mcp-tools.md.
  - Sanitization: Not explicitly mentioned; the skill performs structured mapping of IR properties to tool parameters.
Audit Metadata