web-design-guidelines
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill retrieves design guidelines from Vercel Labs' official GitHub repository (vercel-labs/web-interface-guidelines). This is a well-known service and a trusted source.
- [PROMPT_INJECTION]: The skill processes external data (user-provided files) which presents a surface for indirect prompt injection.
- Ingestion points: Reads files matching user-provided patterns and content from a remote URL.
- Boundary markers: None explicitly defined for user file content.
- Capability inventory: Limited to fetching a URL and reading local files; no file writing, shell execution, or external network posts are performed.
- Sanitization: No explicit sanitization of input files is mentioned, but the risk is mitigated by the restricted capabilities of the skill and the use of a trusted guideline source.
Audit Metadata