web-design-guidelines
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill retrieves design guidelines from a trusted source (github.com/vercel-labs). This is an expected operation used to keep the auditing rules current.
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it processes external guidelines and user-provided files. However, the risk is mitigated by the use of a trusted external source. 1. Ingestion points: Guideline markdown from Vercel-Labs and user-provided code files. 2. Boundary markers: Not explicitly defined in the skill instructions. 3. Capability inventory: Access to read local files and perform network requests to trusted domains. 4. Sanitization: No explicit sanitization or filtering of file content is specified.
- [SAFE]: No persistence mechanisms, credential theft, or privilege escalation commands were detected in the skill code.
Audit Metadata