make-interfaces-feel-better
Pass
Audited by Gen Agent Trust Hub on May 5, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is designed to analyze and review external frontend code and UI components. This creates a surface for indirect prompt injection where malicious instructions could be embedded in the code being reviewed to influence the agent's behavior.
- Ingestion points: SKILL.md (instructions for reviewing frontend code and UI components).
- Boundary markers: Absent. No instructions are provided to delimit external code or warn the agent to ignore embedded instructions within the reviewed data.
- Capability inventory: The skill itself does not request specific tools in the frontmatter, but its instructions imply the agent will perform file reading and potentially file writing or shell execution to apply UI improvements.
- Sanitization: Absent. There is no mention of validating or escaping external content before the agent processes it for design review.
Audit Metadata