web-design-guidelines
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches design guidelines from Vercel's official GitHub repository.
- [PROMPT_INJECTION]: The skill processes remote guidelines and local UI code, creating an indirect prompt injection surface. 1. Ingestion points: Remote markdown guidelines and local files specified by the user. 2. Boundary markers: None identified in the skill logic. 3. Capability inventory: Network access (WebFetch) and local file reading. 4. Sanitization: None identified. The risk is minimized as the guidelines source is trusted.
Audit Metadata