Ui Ux Pro Max

Pass

Audited by VirusTotal on May 12, 2026.

Overview

Type: OpenClaw Skill

Name: ui-ux-pro-max-2

Version: 0.1.0

The skill is classified as suspicious due to two main indicators found in `SKILL.md`. First, it instructs the AI agent to install Python using `sudo` commands (`brew install python3`, `sudo apt install python3`), which grants the agent elevated privileges and the ability to modify the system. Second, it uses a direct prompt injection to instruct the agent to read and prioritize local files (`design-system/MASTER.md`, `design-system/pages/[page-name].md`) for context-aware retrieval. While the stated purpose of these actions (installing prerequisites, managing internal design state) appears benign, the underlying capabilities (privileged execution, direct file system interaction via prompt injection) represent significant security risks without clear malicious intent.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The documented workflow may fail or depend on code that was not included in the reviewed artifact set.

Why it was flagged

The skill relies on a helper script and referenced data such as ui-reasoning.csv, but the provided manifest says only SKILL.md is present. This is a provenance/completeness gap rather than evidence of malicious behavior.

Skill content

python3 skills/ui-ux-pro-max/scripts/search.py "<product_type> <industry> <keywords>" --design-system

Recommendation

Confirm the referenced script and data files are present and trusted before allowing an agent to run them.

What this means

An agent following the skill may ask to install Python or run local commands during UI/UX tasks.

Why it was flagged

The skill documents local package-manager commands and Python execution. These are disclosed and related to the claimed CLI search workflow, but they still modify or use the local environment.

Skill content

If Python is not installed, install it based on user's OS: ... sudo apt update && sudo apt install python3 ... winget install Python.Python.3.12

Recommendation

Approve package installation and command execution only when you expect it, and prefer running commands from a trusted project directory.

What this means

Saved design guidance may shape future agent responses, including if it becomes outdated or incorrect.

Why it was flagged

The skill explicitly supports persistent design-system files that can be reused across sessions. This is aligned with the design purpose, but persistent context can influence later work.

Skill content

To save the design system for hierarchical retrieval across sessions, add --persist

Recommendation

Review persisted design-system files before reuse and keep them scoped to the intended project.

What this means

If configured, the agent may query an external MCP source for UI component examples.

Why it was flagged

The skill mentions an MCP integration for component lookup. This appears purpose-aligned, but MCP connections introduce an external tool/source boundary that users should recognize.

Skill content

Integrations: shadcn/ui MCP for component search and examples.

Recommendation

Use only trusted MCP servers and avoid sending private project details unless that sharing is intended.