100Critical
The skill is vulnerable to command injection via user input and
Behavior Analysis
Description verified — behavior matches claim
Claims to do
UI/UX Pro Max - Design Intelligence: Comprehensive design guide for web and mobile applications. Contains 50+ styles, 161 color palettes, 57 font pairings, 161 product types with reasoning rules, 99 UX guidelines, and 25 chart types across 10 technology stacks. Searchable database with priority-based recommendations.
Actually does
This skill executes a local Python script (`skills/ui-ux-pro-max/scripts/search.py`) to provide UI/UX design recommendations. It accesses an internal `ui-reasoning.csv` file for rules and can persist design system outputs to local Markdown files (`design-system/MASTER.md`, `design-system/pages/*.md`). It does not contact external URLs or APIs.
Skill Info
Namenextlevelbuilder/ui-ux-pro-max-skill/ui-ux-pro-max
Registrygithub
Versionb7e3af80f6e3
PURLpkg:github/nextlevelbuilder/ui-ux-pro-max-skill@b7e3af80f6e3?skill=ui-ux-pro-max
Stars66,748
Installs119,600
Source
SHA-2569bd26c52dfd1...
SHA-1598db411617c...
MD5333e886d9c02...
TLSHc2132c43fb04...
ssdeep768:qa1iWGHj...
Size44,776 bytes
Install
This skill has been flagged as potentially malicious. Review the findings below before installing.
Claude CodeDocs
/plugin marketplace add nextlevelbuilder/ui-ux-pro-max-skill/plugin install ui-ux-pro-max@nextlevelbuilder/ui-ux-pro-max-skill
Assessments (2)
AI Agent Traps ↗Shell command execution function detectedcriticalcommand execution
Shell command execution function detected
100% confidenceline 150
system (
Command Injection via User-Controlled Script Argscriticalcommand execution
The skill instructs the AI to execute a Python script (`search.py`) with user-provided input for query, project name, and page name. This creates a direct command injection vulnerability if the script or shell execution context does not properly sanitize these inputs, allowing an attacker to execute arbitrary commands on the host system.
100% confidenceline 366
python3 skills/ui-ux-pro-max/scripts/search.py "<product_type> <industry> <keywords>" --design-system [-p "Project Name"]
Memory Poisoning via Persisted Design System Fileshighmemory poisoning
The skill allows persisting design system recommendations into Markdown files (`MASTER.md`, `pages/*.md`) using user-controlled input. An attacker could inject malicious content (e.g., hidden instructions, misleading information) into these files, which the agent is explicitly instructed to prioritize and use in subsequent tasks, potentially leading to long-term manipulation of agent behavior.
90% confidenceline 385
python3 skills/ui-ux-pro-max/scripts/search.py "<query>" --design-system --persist -p "Project Name"; Context-aware retrieval prompt: ...If the page file exists, prioritize its rules.
Badge
Markdown
[](https://mondoo.com/ai-agent-security/skills/github/nextlevelbuilder/ui-ux-pro-max-skill/ui-ux-pro-max)HTML
<a href="https://mondoo.com/ai-agent-security/skills/github/nextlevelbuilder/ui-ux-pro-max-skill/ui-ux-pro-max"><img src="https://mondoo.com/ai-agent-security/api/badge/github/nextlevelbuilder/ui-ux-pro-max-skill/ui-ux-pro-max.svg" alt="Mondoo Skill Check" /></a>Image URL
https://mondoo.com/ai-agent-security/api/badge/github/nextlevelbuilder/ui-ux-pro-max-skill/ui-ux-pro-max.svgSecure your AI agents
Skills can read files, run commands, and access credentials. Mondoo helps organizations manage the security risks of AI agent skills across their entire fleet.
- Continuous scanning of skills across all registries
- Policy enforcement before skills reach your agents
- Integration with your existing security workflow