The Agent Skills Directory

[SAFE]: No security issues were detected during the analysis of the skill instructions and associated reference files. The skill is authored by a known developer and its functionality aligns with its stated purpose as a UI/UX design assistant.
[PROMPT_INJECTION]: The skill includes instructions to guide the agent through a specific workflow (selection menus, multi-dimension analysis). No malicious injection attempts, such as instructions to bypass safety filters or ignore prior rules, were found.
[DATA_EXFILTRATION]: The skill is designed to read and analyze project code to provide UI/UX improvements. There is no evidence of unauthorized data exfiltration, harvesting of credentials, or access to sensitive system paths (e.g., .ssh, .aws). All operations that modify code require explicit user confirmation.
[EXTERNAL_DOWNLOADS]: The skill uses the webReader tool to fetch external websites for theme generation. All external references are to well-known technology companies used as design benchmarks. No patterns of downloading and executing remote scripts (e.g., curl | bash) were observed.
[COMMAND_EXECUTION]: The skill does not employ dangerous shell commands, persistence mechanisms, or privilege escalation techniques. Operations are limited to reading, analyzing, and editing code through provided tools with mandatory user confirmation.
[SAFE]: An analysis of the indirect prompt injection surface shows that while the skill ingests untrusted data via webReader to extract design features, the requirement for user confirmation before any code modification significantly mitigates the risk of unauthorized actions triggered by malicious content on external pages.

rico-ui-ux-themes