web-design-guidelines
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill retrieves design guidelines from Vercel Labs' official GitHub repository (
raw.githubusercontent.com/vercel-labs/web-interface-guidelines/main/command.md). As this is a trusted organization, the operation is considered safe. - [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection as it fetches external instructions to guide its auditing behavior.
- Ingestion points: Remote
command.mdfile and user-specified local files. - Boundary markers: Absent; the skill does not explicitly delimit external content or instruct the agent to ignore embedded commands.
- Capability inventory: Local file read access and network fetch capabilities via WebFetch.
- Sanitization: No validation or sanitization of the remote guideline content is performed before processing.
Audit Metadata