imprint
Pass
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: SAFE
Full Analysis
- [DATA_EXFILTRATION]: The skill identifies and reads local UI component files within the project directory to document visual styles. The extracted data is written to a local file ('ui-registry.md'). No evidence of accessing sensitive files (e.g., .ssh, .aws, .env) or performing network operations was found.\n- [PROMPT_INJECTION]: The skill ingests data from component files, creating an attack surface for indirect prompt injection.\n
- Ingestion points: Step 1 and Audit Mode Step 1 in SKILL.md (reads component source code from the project directory).\n
- Boundary markers: The instructions do not define explicit delimiters to separate component code from agent instructions.\n
- Capability inventory: File read and write operations in SKILL.md used to manage the UI registry.\n
- Sanitization: The skill instructions focus on extracting specific visual classes, which reduces the impact of potentially malicious content in file comments, though no explicit sanitization is performed.
Audit Metadata