web-design-guidelines

Warn

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: MEDIUM | EXTERNAL_DOWNLOADS | REMOTE_CODE_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS] (INFO): The skill fetches guidelines from a remote URL. Evidence: https://raw.githubusercontent.com/vercel-labs/web-interface-guidelines/main/command.md. This is a trusted source (Vercel organization), which downgrades the network access finding per [TRUST-SCOPE-RULE].
  • [REMOTE_CODE_EXECUTION] (LOW): The skill retrieves a remote markdown file (command.md) containing instructions that the agent is explicitly told to follow. This is a form of remote instruction execution. The risk is mitigated by the trusted status of the repository.
  • [PROMPT_INJECTION] (MEDIUM): The skill is vulnerable to indirect prompt injection (Category 8) as it processes untrusted user UI files alongside remote instructions.
      • Ingestion points: Remote command.md guidelines and user-provided local source files.
      • Boundary markers: Absent; the skill does not use delimiters to separate instructions from data.
      • Capability inventory: The skill utilizes WebFetch for network requests and can read local files. This combination allows for potential exfiltration if a malicious file manipulates the agent.
      • Sanitization: None; the content is processed directly by the agent without validation.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 16, 2026, 06:51 AM