web-design-guidelines
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches rules and UI guidelines from Vercel Labs' official GitHub repository. This is a trusted source and the action is central to the skill's purpose.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through the analysis of external content and user-provided code.
- Ingestion points: Processes local file content and remote guidelines from a URL.
- Boundary markers: No delimiters or instructions are used to separate audited data from the agent's core instructions.
- Capability inventory: Can read local files and make network requests using the WebFetch tool.
- Sanitization: Lacks sanitization or validation of the processed input data.
Audit Metadata