design
Warn
Audited by Snyk on Feb 18, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The design-audit reference explicitly instructs the agent to "fetch fresh rules from: https://raw.githubusercontent.com/vercel-labs/web-interface-guidelines/main/command.md", a public GitHub URL the agent must retrieve and apply, so it clearly ingests untrusted third-party content that could carry indirect prompt injection.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 1.00). The skill's design-audit workflow instructs the agent at runtime to fetch and apply external rules from https://raw.githubusercontent.com/vercel-labs/web-interface-guidelines/main/command.md, meaning remote content directly controls audit prompts and behavior.
Audit Metadata