web-design-guidelines

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE | PROMPT_INJECTION | EXTERNAL_DOWNLOADS
Full Analysis
  • [Prompt Injection] (LOW): The skill is susceptible to indirect prompt injection because it fetches its 'rules and output format instructions' from a remote URL at runtime.
      • Ingestion points: Fetches markdown content via WebFetch from https://raw.githubusercontent.com/vercel-labs/web-interface-guidelines/main/command.md.
      • Boundary markers: Absent. The agent is instructed to 'Apply all rules from the fetched guidelines' without sanitization or delimitation to prevent the external content from overriding its base instructions.
      • Capability inventory: The skill has the ability to read local user files (via file-or-pattern) and access the network, creating a potential path for data access guided by remote instructions.
      • Sanitization: None detected. The skill trusts the remote payload to define its logic.
  • [External Downloads] (SAFE): The skill retrieves guidelines from an external source.
      • Evidence: Source URL https://raw.githubusercontent.com/vercel-labs/web-interface-guidelines/main/command.md.
      • Trust status: The vercel-labs organization is a trusted GitHub entity, which minimizes the risk of the source providing malicious code under standard conditions.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 17, 2026, 06:28 PM