web-design-guidelines

Pass

Audited by Gen Agent Trust Hub on Mar 13, 2026

Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches updated rules from a trusted organization's repository.
    • Evidence: Retrieves guidelines from 'https://raw.githubusercontent.com/vercel-labs/web-interface-guidelines/main/command.md'.
  • [PROMPT_INJECTION]: Subject to indirect prompt injection (Category 8) through processing untrusted data.
    • Ingestion points: User-provided URLs for visual inspection (Step 3) and remote markdown files for rule definitions (Step 2.1).
    • Boundary markers: Absent; no explicit delimiters or instructions are used to prevent external content from overriding agent logic.
    • Capability inventory: High-impact capabilities including browser automation (Playwright) and direct modification of workspace source files.
    • Sanitization: Absent; the skill does not define methods for validating or escaping external site content before it is processed by the AI for code-fixing.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 13, 2026, 08:02 AM