web-design-guidelines
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- EXTERNAL_DOWNLOADS (LOW): The skill fetches dynamic instructions from a remote URL (raw.githubusercontent.com/vercel-labs/web-interface-guidelines). Under [TRUST-SCOPE-RULE], this is downgraded to LOW because the source is a Trusted GitHub Organization (vercel-labs).
- PROMPT_INJECTION (LOW): This skill exhibits a surface for Indirect Prompt Injection (Category 8) because it processes untrusted user files using logic fetched from an external source.
- Ingestion points: User-provided files or patterns (SKILL.md).
- Boundary markers: Absent; no delimiters or 'ignore embedded instructions' warnings are present.
- Capability inventory: File system read access and network fetch capabilities.
- Sanitization: Absent; no escaping or validation of user-provided content before processing is mentioned.
Audit Metadata