web-design-guidelines

Pass

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: LOW (EXTERNAL_DOWNLOADS, PROMPT_INJECTION)
Full Analysis
  • EXTERNAL_DOWNLOADS (LOW): The skill fetches dynamic instructions from a remote GitHub URL. While loading remote instructions is generally risky, the source belongs to a trusted organization.
      • Evidence: Fetches from https://raw.githubusercontent.com/vercel-labs/web-interface-guidelines/main/command.md using WebFetch.
      • Context: The repository vercel-labs/web-interface-guidelines is listed as a trusted source, which downgrades the severity per [TRUST-SCOPE-RULE].
  • PROMPT_INJECTION (LOW): The skill is susceptible to Indirect Prompt Injection (Category 8) because it processes untrusted UI code provided by users.
      • Ingestion points: Reads local files specified by the user or by patterns.
      • Boundary markers: Absent; the skill does not use delimiters to isolate the code being reviewed from the audit instructions.
      • Capability inventory: Restricted to reading local files and fetching the guideline URL. No file-write, command execution, or sensitive data exfiltration capabilities were detected.
      • Sanitization: No evidence of sanitizing or escaping content within the provided UI code before processing.
Audit Metadata
  • Risk Level: LOW
  • Analyzed: Feb 16, 2026, 07:28 AM