web-design-guidelines
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- EXTERNAL_DOWNLOADS (LOW): The skill fetches instructions from a remote GitHub URL (vercel-labs). Per [TRUST-SCOPE-RULE], this download finding is downgraded to LOW because the organization is on the trusted list.
- PROMPT_INJECTION (LOW): Category 8: Indirect Prompt Injection surface detected. The skill ingests untrusted user content and processes it based on fetched instructions. Ingestion points: User-provided files or patterns via skill arguments. Boundary markers: None specified to prevent the agent from following instructions embedded in audited files. Capability inventory: WebFetch for guideline retrieval, local file reading for audits. Sanitization: None present to filter malicious instructions from processed data.
Audit Metadata