frontend-design
Pass
Audited by Gen Agent Trust Hub on Jun 16, 2026
Risk Level: SAFE COMMAND_EXECUTION PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local Python and Node.js scripts to perform its functions. Specifically, it calls `python3 skills/ui-ux-pro-max/scripts/search.py` and `node .claude/skills/brand/scripts/inject-brand-context.cjs`. These scripts appear to be internal components of the vendor's skill ecosystem.
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection (Category 8) by interpolating untrusted user input directly into shell command arguments.
  - Ingestion points: User-provided strings for product type, industry, and keywords within the design brief.
  - Boundary markers: Absent; the inputs are placed directly into a shell command template.
  - Capability inventory: Subprocess execution of Python scripts via the shell.
  - Sanitization: The skill instructions do not specify any validation or escaping for the user-provided parameters before execution.
Audit Metadata