UI UX Design Pro

Type: OpenClaw Skill Name: ui-ux-design-pro Version: 0.1.0 The skill bundle is classified as suspicious due to critical arbitrary file write vulnerabilities in `cli/commands/audit.ts` and `cli/commands/generate.ts`, and an arbitrary file read vulnerability in `cli/commands/audit.ts` via glob pattern expansion. The `SKILL.md` also contains prompt injection techniques (e.g., 'Be invisible') and local file inclusion risks by instructing the agent to read/write to `.interface-design/system.md` without proper path validation. While the core purpose of the skill (design system generation and code auditing) is benign, these vulnerabilities could be exploited by a malicious actor to read/write arbitrary files on the host system or manipulate the agent's behavior.