web-design-guidelines
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE (flags: EXTERNAL_DOWNLOADS, PROMPT_INJECTION)
Full Analysis
- [EXTERNAL_DOWNLOADS] (LOW): The skill is configured to fetch guidelines and instruction logic from https://raw.githubusercontent.com/vercel-labs/web-interface-guidelines/main/command.md. While this constitutes dynamic instruction loading, the source organization (vercel-labs) is explicitly listed as a trusted external source, downgrading the severity from MEDIUM to LOW per security policy.
- [PROMPT_INJECTION] (LOW): The skill exhibits an Indirect Prompt Injection surface (Category 8). It ingests untrusted user code ('review my UI') and processes it to find compliance issues. Malicious instructions could be embedded in the audited code to influence agent behavior. Evidence Chain:
  - Ingestion points: Files or patterns provided by the user (argument-hint: ).
  - Boundary markers: None identified in the skill definition to delimit user code from agent instructions.
  - Capability inventory: The skill has the capability to read local files and fetch remote content.
  - Sanitization: No specific sanitization or escaping of the processed code is mentioned.
Audit Metadata