web-design-guidelines
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches design guidelines from Vercel Labs' official GitHub repository. This is a trusted source used for the skill's core audit functionality.
- [PROMPT_INJECTION]: The skill identifies a surface for indirect prompt injection by incorporating remote instructions from a URL. While the source is trusted, the following factors apply: 1. Ingestion points: Guidelines fetched from a raw GitHub URL in the vercel-labs organization. 2. Boundary markers: Absent; remote instructions are treated as direct rules for the agent. 3. Capability inventory: File read operations for reviewing UI code. 4. Sanitization: Absent; the agent is directed to follow all rules contained in the fetched content.
Audit Metadata