web-design-guidelines
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS
Full Analysis
- External Downloads (LOW): The skill fetches guidelines from a remote GitHub URL (raw.githubusercontent.com/vercel-labs/...). While remote instruction fetching is a potential risk vector, the source belongs to a verified trusted organization (vercel-labs).
- Indirect Prompt Injection (LOW): The skill processes untrusted user-provided UI code alongside remote instructions, creating a surface for indirect prompt injection.
  - Ingestion points: Remote markdown file (command.md) and user-specified local files.
  - Boundary markers: Absent; the agent is instructed to apply all rules found in the fetched content without explicit delimiters.
  - Capability inventory: File system read access and network read access via WebFetch. No file write or arbitrary command execution capabilities are defined in the wrapper.
  - Sanitization: None; the content of the UI files and the fetched guidelines is processed directly by the agent.