web-design-guidelines
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- EXTERNAL_DOWNLOADS (LOW): The skill fetches guidelines from a remote URL (raw.githubusercontent.com). Per the [TRUST-SCOPE-RULE], this is downgraded to LOW because the source (vercel-labs) is a trusted organization.
- PROMPT_INJECTION (LOW): The skill uses remote content to determine its operating rules and output format, creating an Indirect Prompt Injection surface (Category 8). Ingestion points: SKILL.md fetch instruction. Boundary markers: Absent. Capability inventory: Local file reading, network fetching. Sanitization: Absent. Because the source is hardcoded to a trusted repository, the risk of malicious instruction poisoning is significantly reduced.
- COMMAND_EXECUTION (INFO): The skill reads local files to perform UI reviews, which is consistent with its stated purpose and metadata.
Audit Metadata