web-design-guidelines
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches design guidelines from Vercel Labs' official GitHub repository. This is an informative download from a trusted organization used to retrieve the latest audit rules.
- [PROMPT_INJECTION]: The skill processes user-provided UI files and external guidelines, which creates a surface for indirect prompt injection.
- Ingestion points: Reads local files specified by the user and fetches content from a remote GitHub URL.
- Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the prompt structure.
- Capability inventory: The skill performs file reads and web fetches. It lacks high-risk capabilities such as arbitrary command execution, subprocess spawning, or network exfiltration to untrusted domains.
- Sanitization: There is no evidence of sanitization or validation of the content being reviewed against the guidelines.
Audit Metadata