taste-design-taste-frontend
Pass
Audited by Gen Agent Trust Hub on Jul 3, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill does not contain any malicious code, data exfiltration patterns, or persistence mechanisms. Its instructions and code snippets follow modern React and Tailwind CSS best practices.
- [EXTERNAL_DOWNLOADS]: The skill references and recommends the use of numerous official packages and assets from well-known industry services.
- Recommends installation of official design system packages from Microsoft (@fluentui), Google (@material/web), IBM (@carbon/react), Shopify (polaris.js), and Atlassian (@atlaskit).
- Includes instructions for fetching brand icons from Simple Icons' CDN and placeholder photography from picsum.photos.
- References the initialization of shadcn/ui, a widely used open-source component library.
- [PROMPT_INJECTION]: The skill uses extremely prescriptive language ('MANDATORY', 'HARD RULES', 'BANNED') to override the default tendencies of the LLM, referred to as 'Anti-Default Discipline'. These rules target design elements like the em-dash character and specific color palettes to ensure high-quality output. This is a quality-control application of instruction-based behavior modification.
- [PROMPT_INJECTION]: As the skill is designed to process user-provided design briefs, it naturally possesses an indirect prompt injection surface. The skill incorporates multiple 'Pre-Flight' checks and content audits that help verify the integrity and quality of the generated code based on the input.
Audit Metadata