paper-to-code-components

Pass

Audited by Gen Agent Trust Hub on Jul 7, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill processes external design data from Paper (hierarchy, selection, and JSX exports), which represents a surface for indirect prompt injection via design metadata. However, the instructions focus on structural implementation.
  • [COMMAND_EXECUTION]: The skill instructs the agent to run standard development scripts (lint, typecheck, test, and build) from the local package.json. This is expected behavior for a developer-oriented coding assistant.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 7, 2026, 04:17 AM
Security Audit — agent-trust-hub — paper-to-code-components