web-design-guidelines-design
Pass
Audited by Gen Agent Trust Hub on Apr 26, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is purely informational and intended for UI/UX design guidance. No malicious commands, persistence mechanisms, or obfuscation techniques were found in the instructions or metadata.
- [PROMPT_INJECTION]: The skill workflow involves reading project-specific files like DESIGN_SYSTEM.md and style-guide.md. This constitutes an indirect prompt injection surface because these files are user-provided. However, this is assessed as safe because the skill has no high-risk capabilities (such as network access, file modification, or shell execution) that could be leveraged by a malicious instruction in those files.
- Ingestion points: Project-local files including docs/**/design-system.md, DESIGN_SYSTEM.md, and style-guide.md.
- Boundary markers: None explicitly defined; the skill reads the files directly into its context.
- Capability inventory: None. The skill generates text-based design recommendations only.
- Sanitization: Not applicable as the content is used for natural language analysis rather than command interpolation.
Audit Metadata