web-design-guidelines
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches design guidelines from Vercel Labs' official GitHub repository (github.com/vercel-labs). This is a trusted source used to provide the latest design rules for the auditing process.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because it processes untrusted UI code files provided by the user.
- Ingestion points: Reads local files or file patterns specified by the user during the review process (SKILL.md).
- Boundary markers: No explicit delimiters or instructions to ignore embedded commands in the processed files are defined in the skill logic.
- Capability inventory: The skill is restricted to reading local files and fetching content from a specific trusted GitHub URL.
- Sanitization: There is no evidence of input validation or content filtering for the files being reviewed.
Audit Metadata