graphicode-ui-engineer-figma-ts-react-less
Pass
Audited by Gen Agent Trust Hub on Apr 27, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill performs automated filesystem operations such as copying files (cp) and removing temporary files (rm) during the component generation process.
- [COMMAND_EXECUTION]: The skill is designed to automatically create git commits using the git commit command to track changes made to the design log and page components.
- [SAFE]: The skill has an ingestion surface for potential indirect prompt injection as it processes external project files (README.md and mockups). Ingestion points: project configuration and design files. Boundary markers: None. Capability inventory: File system read/write and git commit. Sanitization: None.
- [SAFE]: All identified command executions are tied to the primary function of the skill and are performed within the project context defined by the graphig.md configuration file.
- [SAFE]: The skill uses subagents to isolate the processing of large static mockup files, preventing context pollution and ensuring efficient task execution.
- [SAFE]: No unauthorized network activity or credential harvesting was detected.
Audit Metadata