ui-ux-improve

Pass

Audited by Gen Agent Trust Hub on Apr 7, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection as it ingests untrusted data that could influence the agent's behavior.
      • Ingestion points: The agent reads local project files (e.g., package.json, **/*.tsx) and retrieves external content from the internet via the WebSearch tool.
      • Boundary markers: There are no explicit delimiters or instructions provided to ensure the agent ignores or sanitizes potential commands embedded within the code or web content it analyzes.
      • Capability inventory: The agent has the ability to read project files, perform web searches, invoke specialized sub-agents, write a markdown report to the project root, and modify project code when in implement mode.
      • Sanitization: No validation or sanitization routines are specified for the data gathered from the project or external sources before it is used to formulate recommendations or execute changes.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 7, 2026, 09:22 AM