web-design-guidelines

Warn

Audited by Socket on Feb 22, 2026

1 alert found:

Anomaly (LOW)
SKILL.md

[Skill Scanner] System prompt extraction attempt

BENIGN but with a moderate supply-chain caveat: the skill's purpose and capabilities align and it performs expected actions (fetch guidelines, read files, apply rules). The only notable security consideration is that it fetches the rules at runtime from raw.githubusercontent.com without pinning or integrity verification — if that remote content were tampered with, the skill's behavior could change. No evidence of credential harvesting, remote code execution, or obfuscation was found.

LLM verification: No direct malware or credential-harvesting code found in the provided SKILL.md fragment. The primary security issue is a supply-chain / prompt-injection risk: the skill fetches and treats unverified remote textual 'output format instructions' as authoritative at runtime, enabling a remote compromise of the guidelines file to cause data leakage or undesired agent behavior. Recommend pinning/vendoring guidelines, adding integrity checks (signatures/checksums), and refusing to honor remote instruct

Confidence: 80%
Severity: 50%

Audit Metadata
Analyzed At: Feb 22, 2026, 04:55 AM
Package URL: pkg:socket/skills-sh/justinroderick%2Fskills%2Fweb-design-guidelines%2F@99ff92e24e7bb8f7e33a6cf1fcc23399fece4199