skills/vudovn/ag-kit/frontend-design/Gen Agent Trust Hub

frontend-design

Pass

Audited by Gen Agent Trust Hub on May 18, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill uses instructional constraints such as 'MANDATORY' and 'CRITICAL' in SKILL.md to steer the AI's design decisions and avoid generic defaults. These are legitimate task-specific instructions rather than attempts to bypass safety filters.
  • [DATA_EXPOSURE]: The included Python scripts, scripts/accessibility_checker.py and scripts/ux_audit.py, are designed to read local project files (HTML, JSX, TSX) to perform static analysis. No network functionality or credential harvesting patterns were found in these scripts.
  • [INDIRECT_PROMPT_INJECTION]: The audit scripts process untrusted user-created files, which introduces a potential surface for indirect prompt injection if malicious instructions are embedded in the code being analyzed. However, the scripts perform local regex analysis and do not execute the content of the files.
      ◦ Ingestion points: File reading operations in scripts/accessibility_checker.py and scripts/ux_audit.py.
      ◦ Boundary markers: No specific delimiters are used when passing file content analysis results back to the agent.
      ◦ Capability inventory: The skill allows access to Read, Write, Edit, and Bash tools.
      ◦ Sanitization: The scripts utilize regex pattern matching to identify specific UI/UX issues, providing a layer of abstraction between the raw file content and the agent's reasoning.
Audit Metadata
Risk Level: SAFE
Analyzed: May 18, 2026, 01:59 PM