web-design-guidelines

Warn

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: MEDIUM
Findings: EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [External Downloads] (LOW): The skill fetches a markdown file containing guidelines from 'https://raw.githubusercontent.com/vercel-labs/web-interface-guidelines/main/command.md'. Because 'vercel-labs' is a trusted organization, the download itself is downgraded to LOW risk per the trust policy.
  • [Indirect Prompt Injection] (MEDIUM): The skill exhibits an attack surface where remote instructions ('rules and output format instructions') are ingested and applied to the agent's processing of local files.
    * Ingestion points: Remote 'command.md' file and local UI code files.
    * Boundary markers: Absent; there are no delimiters separating the fetched instructions from the core prompt context.
    * Capability inventory: Includes file system read access and network fetch (WebFetch) capabilities.
    * Sanitization: Absent; the fetched content is utilized directly to determine the agent's behavior and output format.
  • [Dynamic Execution] (MEDIUM): The skill effectively updates its logic at runtime by fetching executable-style instructions (rules) from an external source. This allows the behavior of the 'review' task to change without updates to the skill itself.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Feb 16, 2026, 07:59 AM