frontend-ui-ux

Pass

Audited by Gen Agent Trust Hub on May 14, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill provides a surface for indirect prompt injection by passing raw user input from the {{ARGUMENTS}} placeholder directly to downstream agent tools.
      • Ingestion point: SKILL.md (via {{ARGUMENTS}} used in tool calls and fallback delegation).
      • Boundary markers: Absent; there are no delimiters (e.g., XML tags or triple backticks) or specific instructions to the agent to treat the input as untrusted data.
      • Capability inventory: The skill utilizes mcp__g__ask_gemini and delegate to perform design tasks based on user input.
      • Sanitization: None; the input is interpolated into the task description without filtering, validation, or escaping.
Audit Metadata
Risk Level: SAFE
Analyzed: May 14, 2026, 03:58 AM