ui-imagegen-director
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements a standard design-to-code workflow without introducing dangerous operations or unauthorized access.
- [DATA_EXPOSURE]: Instructions specify keeping generated assets local to the project directory, which aligns with standard development practices for asset management and avoids unnecessary external data exposure.
- [INDIRECT_PROMPT_INJECTION]: The skill ingests data from external sources (image generation output) to guide UI implementation. While this constitutes an external input surface, the instructions constrain its use to visual reference for styling and layout, posing minimal risk. The evidence chain for this category is as follows:
- Ingestion points: Visual output from the $imagegen tool and user-provided UI requirements in SKILL.md.
- Boundary markers: Absent in the provided prompt templates, although the workflow instructions provide context for how the input should be interpreted.
- Capability inventory: File system access for writing components and assets, and browser automation via the Browser plugin or Playwright for visual verification as described in SKILL.md.
- Sanitization: No explicit sanitization or validation of the generated visual content is mentioned, but the risk is inherently low as the agent acts as an interpreter of visual data into static code.
Audit Metadata