visual-consistency
Pass
Audited by Gen Agent Trust Hub on Jun 19, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill is designed to ingest and analyze untrusted UI markup and style data from sources like rendered screens, snippets, or entire repositories. This creates a surface for indirect prompt injection, where an attacker could embed malicious instructions within the UI content being reviewed.
- Ingestion points: Analyzes rendered screens, components, snippets, and project folders (SKILL.md).
- Boundary markers: There are no explicit delimiters or safety instructions provided to the agent to ignore potential commands embedded within the analyzed UI data.
- Capability inventory: The agent is instructed to modify CSS files based on the review findings (SKILL.md, recipes.md).
- Sanitization: No sanitization or validation of the input markup or styles is described in the workflow.
Audit Metadata