Skills
skills/hubeiqiao/skills/web-design-guidelines/Gen Agent Trust Hub

web-design-guidelines

Pass

Audited by Gen Agent Trust Hub on Apr 16, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches design guidelines from Vercel Labs' official GitHub repository.
  • Evidence: https://raw.githubusercontent.com/vercel-labs/web-interface-guidelines/main/command.md.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes untrusted local file content that could contain instructions intended to deviate the agent from its intended task.
  • Ingestion points: Local files or file patterns specified by the user in SKILL.md.
  • Boundary markers: The instructions do not specify the use of delimiters or 'ignore' headers when interpolating file content into the prompt.
  • Capability inventory: The agent has capabilities to read files and perform network requests (WebFetch).
  • Sanitization: No sanitization or validation of the input file content is described in the skill.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 16, 2026, 08:51 AM