web-design-guidelines

Warn

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: MEDIUM (EXTERNAL_DOWNLOADS, PROMPT_INJECTION)
Full Analysis
  • [External Downloads] (LOW): The skill fetches instructions from a remote Vercel-owned repository (https://raw.githubusercontent.com/vercel-labs/web-interface-guidelines/main/command.md). This source is recognized as trusted under the [TRUST-SCOPE-RULE], so the download finding itself is downgraded to LOW.
  • [Indirect Prompt Injection] (MEDIUM): The skill processes external content that defines its rules and output format, so a compromised source could manipulate the agent's behavior.
    • Ingestion points: Remote fetch of command.md via WebFetch into the agent's instructions.
    • Boundary markers: None; the agent is explicitly told to 'Fetch fresh guidelines' and 'Apply all rules from the fetched guidelines'.
    • Capability inventory: Accessing local source code files based on user-provided patterns.
    • Sanitization: None; external content is treated as instructions without validation.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Feb 16, 2026, 06:52 AM