web-design-guidelines

[Skill Scanner] System prompt extraction attempt Benign. The skill is coherently designed to fetch up-to-date UI guidelines and apply them to user-specified files, emitting findings in a standard format. No credential handling, no suspicious data exfiltration, and the data flows are typical for a guideline-based static check tool. LLM verification: The skill's stated purpose and workflow are coherent and align with a UI guideline review tool. However, the static analyzer flag indicating a system prompt extraction attempt in SKILL.md is suspicious and warrants closer inspection of prompt handling and disclosure logic. If the system prompt content can be accessed or exfiltrated, this could be a potential security risk. Overall, the tool appears benign in intent but requires remedial review of prompt access patterns to ensure no inadvertent l