web-design-guidelines
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: LOW
EXTERNAL_DOWNLOADS
Full Analysis
- EXTERNAL_DOWNLOADS (LOW): The skill dynamically fetches its rules and logic from a remote GitHub URL (https://raw.githubusercontent.com/vercel-labs/web-interface-guidelines/main/command.md). Per the [TRUST-SCOPE-RULE], because the source is the trusted organization 'vercel-labs', this finding is downgraded to LOW.
- INDIRECT PROMPT INJECTION (LOW): The skill exhibits an Indirect Prompt Injection surface (Category 8c) by fetching instructions from an external source. The risk is minimized because the skill's capabilities are limited to reading local files and generating text output (Capability Tier: LOW), and the instructions are sourced from a trusted repository.
Audit Metadata