web-design-guidelines
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches design guidelines from the official Vercel Labs repository on GitHub (
https://raw.githubusercontent.com/vercel-labs/web-interface-guidelines/main/command.md). This is a trusted source and the content is used for instructional purposes, representing safe and expected behavior. - [PROMPT_INJECTION]: The skill ingests user-provided code files, which introduces a surface for indirect prompt injection. However, the risk is minimal due to the skill's narrow scope and lack of exploitable administrative capabilities.
- Ingestion points: Files or code patterns provided by the user (SKILL.md).
- Boundary markers: None used; the skill does not explicitly wrap ingested content.
- Capability inventory: File system read access and network fetching of guidelines.
- Sanitization: No explicit sanitization of input file content is performed.
Audit Metadata