web-design-guidelines
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- EXTERNAL_DOWNLOADS (LOW): The skill fetches instructions from
https://raw.githubusercontent.com/vercel-labs/web-interface-guidelines/main/command.md. As per the [TRUST-SCOPE-RULE], this is a trusted source (Vercel), which downgrades the severity of the remote fetch. - PROMPT_INJECTION (LOW): This skill is vulnerable to Indirect Prompt Injection (Category 8) because it retrieves instructions from an external URL to guide its logic.
- Ingestion points: The
command.mdfile from the remote Vercel repository. - Boundary markers: None specified; the skill instructions simply state to "Apply all rules from the fetched guidelines."
- Capability inventory: The skill has the capability to read local files provided by the user.
- Sanitization: No sanitization or validation of the fetched content is performed before applying it to the agent's context.
- DATA_EXFILTRATION (SAFE): The skill performs a GET request to a trusted domain to retrieve data. There is no evidence of local data being transmitted to external endpoints.
Audit Metadata