Skills
skills/rohunj/claude-build-workflow/web-design-guidelines/Gen Agent Trust Hub

web-design-guidelines

Pass

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: LOWEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • EXTERNAL_DOWNLOADS (LOW): The skill fetches guidelines from raw.githubusercontent.com/vercel-labs/web-interface-guidelines. This is a trusted GitHub organization (vercel-labs), so the finding is downgraded per [TRUST-SCOPE-RULE].
  • PROMPT_INJECTION (MEDIUM): The skill uses a 'remote instruction fetch' pattern where the agent's logic, rules, and output format are defined by the content of a remote file. This is a form of Indirect Prompt Injection (Category 8).
  • Ingestion points: https://raw.githubusercontent.com/vercel-labs/web-interface-guidelines/main/command.md and user-provided local files.
  • Boundary markers: Absent; the agent is instructed to 'Apply all rules from the fetched guidelines' without explicit delimiters.
  • Capability inventory: File read (local user files), WebFetch (network read).
  • Sanitization: Absent.
  • DATA_EXFILTRATION (INFO): The skill has read access to local source code files. While it currently specifies a terse local output format, the combination of remote instructions and local file access is a high-value target for adversarial prompt injection.
Audit Metadata
Risk Level
LOW
Analyzed
Feb 16, 2026, 10:40 AM