web-design-guidelines
Pass
Audited by Gen Agent Trust Hub on Mar 23, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches design guidelines from Vercel Labs' official GitHub repository. This is an expected operation from a well-known service for the purpose of providing up-to-date UI review rules.\n- [PROMPT_INJECTION]: The skill processes user-provided files as untrusted data using rules fetched from an external URL, representing an indirect prompt injection surface.\n
- Ingestion points: Reads files or patterns specified by the user as described in SKILL.md.\n
- Boundary markers: None identified for isolating user file content from instructions.\n
- Capability inventory: Performs file system reads and network fetches via WebFetch.\n
- Sanitization: No specific sanitization or validation of the fetched guidelines or user files is mentioned.
Audit Metadata