web-design-guidelines
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches design guidelines from Vercel Labs' official GitHub repository. This is a trusted organization and the download is performed to ensure the UI review uses the latest standards.
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface because it processes user-provided files using instructions retrieved from a remote URL. * Ingestion points: Local UI code files or file patterns specified in SKILL.md. * Boundary markers: None present; the skill does not define specific delimiters to isolate the guidelines from the code being reviewed. * Capability inventory: File reading (to access user code) and network access (to fetch guidelines via WebFetch). * Sanitization: No explicit sanitization or instruction filtering is applied to the ingested file content.
Audit Metadata