web-design-guidelines
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches design guidelines from Vercel Labs' official GitHub repository via WebFetch.\n- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface because it processes untrusted user-provided UI code to perform audits.\n
- Ingestion points: Local files or file patterns specified by the user as arguments.\n
- Boundary markers: None; there are no specific markers or instructions to isolate user code from the agent's logic.\n
- Capability inventory: Reading local file content and making network requests via WebFetch.\n
- Sanitization: None; the skill does not perform validation or filtering of the content within the reviewed files.
Audit Metadata