web-designer
Pass
Audited by Gen Agent Trust Hub on Mar 26, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect prompt injection vulnerability surface. The skill is designed to process and modify web source files (HTML, CSS, JS) but lacks explicit instructions to sanitize or delimit potentially malicious instructions that could be embedded in the code it evaluates.
- Ingestion points: Source files located in web/static/ (referenced in references/UX_REVIEW_FINDINGS.md).
- Boundary markers: Absent. The instructions do not specify delimiters or warnings to ignore embedded natural language instructions within the code files.
- Capability inventory: The persona is authorized to write front-end code (HTML, CSS, JS), update documentation, and make backend adjustments, providing a mechanism for an injection to manifest as unauthorized code changes.
- Sanitization: Absent. No validation or filtering logic is defined for the content ingested from the web interface files.
Audit Metadata