web-design-guidelines
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE (EXTERNAL_DOWNLOADS, PROMPT_INJECTION)
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches configuration rules and output formatting instructions from Vercel Labs' official GitHub repository.
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface by design, as it executes instructions retrieved from an external Markdown file.
  - Ingestion points: Content is fetched from 'https://raw.githubusercontent.com/vercel-labs/web-interface-guidelines/main/command.md' via WebFetch.
  - Boundary markers: The instructions do not specify any delimiters or safety constraints to prevent the fetched guidelines from overriding core agent behavior.
  - Capability inventory: The skill possesses the capability to read local files and generate text output based on the external logic.
  - Sanitization: The skill does not verify or sanitize the fetched content before the agent adopts it as operational rules.
Audit Metadata