ui-designer
Pass
Audited by Gen Agent Trust Hub on Jun 24, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill executes shell commands using
findandgrepto determine if the current directory contains a React project. This is a benign environment check used to guide the user's setup. - [EXTERNAL_DOWNLOADS]: The workflow suggests installing standard, well-known industry packages such as
tailwindcss,postcss,autoprefixer, andlucide-react. These are legitimate dependencies for modern web development. - [PROMPT_INJECTION]: The skill ingests user-provided text files and images to interpolate into prompt templates. While this creates a surface for indirect prompt injection, the risk is mitigated as the skill's capabilities are limited to local UI generation and environment discovery without sensitive data access or exfiltration.
Audit Metadata