web-design-guidelines
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches design guidelines from Vercel's official GitHub repository (vercel-labs). This is a trusted source and the behavior is documented neutrally.
- [COMMAND_EXECUTION]: Accesses and reads local files as specified by the user to perform the design review, which is the primary function of the skill.
- [PROMPT_INJECTION]: The skill ingests untrusted data from the files it reviews. While this creates a surface for indirect prompt injection, it is a necessary part of the skill's primary purpose and no malicious patterns were detected in the skill's own logic.
Audit Metadata