web-design-guidelines
Warn
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: MEDIUMPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: Deceptive metadata detected; the skill identifies its author as 'vercel', which contradicts the provided author context 'eoash'. This impersonation can lead to a misjudgment of the skill's origin and security status.\n- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by fetching and processing external instructions from a remote repository.\n
- Ingestion points: Fetches 'command.md' via WebFetch from a GitHub URL.\n
- Boundary markers: Absent; there are no delimiters used to isolate the fetched rules from the core instructions.\n
- Capability inventory: The skill has the ability to read local files to perform its review.\n
- Sanitization: No validation or filtering is applied to the content retrieved from the remote source.\n- [EXTERNAL_DOWNLOADS]: The skill fetches configuration and design guidelines from the official Vercel Labs GitHub repository.
Audit Metadata