web-design-guidelines
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFE EXTERNAL_DOWNLOADS PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (LOW): The skill fetches a guidelines document from a remote URL (https://raw.githubusercontent.com/vercel-labs/web-interface-guidelines/main/command.md) during execution.
  - Evidence: Source URL specified in the 'Guidelines Source' section of SKILL.md.
  - Trust Status: The source is part of the 'vercel-labs' organization, which is a Trusted External Source. Per [TRUST-SCOPE-RULE], this finding is downgraded to LOW severity.
- [PROMPT_INJECTION] (LOW): The skill exhibits an attack surface for Indirect Prompt Injection (Category 8) by ingesting external data used as instructions.
  - Ingestion points: The content of 'command.md' is fetched and applied as rules.
  - Boundary markers: Absent; there are no explicit delimiters or instructions to ignore embedded commands within the fetched file.
  - Capability inventory: The agent has the ability to read local files provided by the user.
  - Sanitization: Absent; the skill does not appear to sanitize the fetched markdown before processing it.
Audit Metadata