web-design-guidelines
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- EXTERNAL_DOWNLOADS (LOW): The skill is designed to fetch its operating instructions/guidelines from a remote URL (raw.githubusercontent.com). Under standard analysis, remote instruction fetching is a high-risk pattern; however, since the source repository is 'vercel-labs', it qualifies for a severity downgrade to LOW per the [TRUST-SCOPE-RULE].
- PROMPT_INJECTION (LOW): This skill exhibits an indirect prompt injection surface by fetching external content and applying it as instructions. This 'instructions-as-data' pattern is a vulnerability if the source is compromised.
- Ingestion points: Fetches 'command.md' from a remote Vercel repository to define agent behavior.
- Boundary markers: None. The agent is instructed to 'Apply all rules' from the fetched content directly.
- Capability inventory: File reading and analysis; no direct file-write or subprocess execution observed.
- Sanitization: None.
Audit Metadata