web-design-guidelines
Warn
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches design guidelines from Vercel Labs' official GitHub repository. While the source is a trusted well-known service, the skill's actual provenance is inconsistent with its metadata.
- [PROMPT_INJECTION]: The skill metadata identifies the author as 'vercel', which conflicts with the actual author context 'kilo-org'. This mismatch is deceptive and can lead to an incorrect assessment of the skill's safety protocols. Additionally, the skill creates an indirect prompt injection surface by processing user-provided data using remote instructions.
- Ingestion points: User-specified files or patterns provided as arguments for review.
- Boundary markers: Absent; the skill does not use delimiters to isolate user content from the analysis instructions.
- Capability inventory: The skill can read local files and fetch remote markdown content; no capabilities for subprocess execution, file modification, or network exfiltration were identified.
- Sanitization: No validation or filtering of ingested file content is performed.
Audit Metadata