web-design-guidelines
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches design guidelines from the official Vercel Labs repository on GitHub. This is a trusted service used neutrally to retrieve the latest rule definitions for the audit process.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it processes external files and remote instructions.
  - Ingestion points: Local user-provided UI source files (React, Vue, Svelte, HTML, CSS, TS/JS) and the remote 'command.md' file from GitHub.
  - Boundary markers: Absent; the instructions do not define specific delimiters to separate untrusted file content from analysis commands.
  - Capability inventory: Limited to file reading and network fetching via WebFetch. No capabilities for file writing, shell command execution, or environment modification.
  - Sanitization: No explicit sanitization or filtering of the content retrieved from external sources or user files.
Audit Metadata