web-design-guidelines
Warn
Audited by Snyk on Feb 15, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). This skill explicitly fetches live guidelines from the public URL https://raw.githubusercontent.com/vercel-labs/web-interface-guidelines/main/command.md and directs the agent to read and apply the fetched rules, so it will ingest untrusted third-party content (public GitHub raw content) that could carry an indirect prompt injection.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The skill explicitly fetches runtime instructions from https://raw.githubusercontent.com/vercel-labs/web-interface-guidelines/main/command.md, which supplies rules and output-formatting instructions that directly control the agent's behavior and is required for each review.