graphicode-designer-figma-ts-react-less
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill generates HTML files that reference widely-used web development libraries, including React, Babel, and Less.js, from well-known and trusted content delivery networks (CDNs) such as
unpkg.comandcdnjs.cloudflare.com. This is a standard and safe practice for creating portable, browser-runnable playgrounds. - [COMMAND_EXECUTION]: The skill performs routine file management tasks, such as copying mockup files and deleting temporary directories (
.tmp). These actions are performed within the scope of the project as defined by a local configuration file (graphig.md). - [DATA_EXFILTRATION]: Analysis confirmed that the skill does not perform any unauthorized network requests or data transmission. Its activities are confined to local file generation and manipulation based on the user's design project.
- [PROMPT_INJECTION]: The skill follows a structured multi-step process and uses subagents to handle external content (like mockups). This design pattern provides a natural boundary that reduces the risk of malicious instructions within processed files influencing the main agent's behavior.
Audit Metadata