Skills
skills/neversight/skills_feed/web-design-guidelines/Gen Agent Trust Hub

web-design-guidelines

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches configuration and rules from Vercel Labs' official GitHub repository. The source URL targets a well-known and trusted organization.
  • [PROMPT_INJECTION]: The skill processes external data as instructions, creating a surface for indirect prompt injection.
  • Ingestion points: Guidelines are fetched from raw.githubusercontent.com/vercel-labs/web-interface-guidelines/main/command.md at runtime.
  • Boundary markers: No explicit delimiters or instructions to ignore embedded commands within the fetched content are present.
  • Capability inventory: The skill is authorized to fetch remote content and read local user-specified files.
  • Sanitization: There is no evidence of validation or filtering of the fetched content before it is interpreted by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 1, 2026, 03:46 PM