web-design-guidelines
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE EXTERNAL_DOWNLOADS PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (LOW): The skill is configured to fetch guidelines and instruction logic from a remote GitHub repository.
  - Evidence: Fetching from https://raw.githubusercontent.com/vercel-labs/web-interface-guidelines/main/command.md.
  - Trusted Source: The repository belongs to the vercel-labs organization, which is a trusted entity, downgrading the severity from MEDIUM/HIGH to LOW per security protocols.
- [PROMPT_INJECTION] (LOW): The skill is susceptible to indirect prompt injection (Category 8) due to its core functionality.
  - Ingestion points: Remote URL instructions (command.md) and user-provided local source code files.
  - Boundary markers: No explicit delimiters or 'ignore instructions' wrappers are defined to separate code from data during processing.
  - Capability inventory: The agent has the capability to read local filesystem contents and perform network fetches.
  - Sanitization: No sanitization or validation of the fetched markdown content or local files is mentioned.
Audit Metadata