web-design-guidelines

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). This skill explicitly instructs the agent to fetch live guidelines from the public raw GitHub URL https://raw.githubusercontent.com/vercel-labs/web-interface-guidelines/main/command.md (via WebFetch) and then applies those fetched rules to drive its review and output format, allowing untrusted third-party content to directly influence agent behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill explicitly uses WebFetch at runtime to retrieve and apply the guidelines from https://raw.githubusercontent.com/vercel-labs/web-interface-guidelines/main/command.md, and the fetched document contains the rules and output-format instructions that directly control the agent's prompt/behavior.