web-design-guidelines
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [External Downloads] (LOW): The skill downloads content from
https://raw.githubusercontent.com/vercel-labs/web-interface-guidelines/main/command.md. This is an external dependency; however, because the organizationvercel-labsis a trusted source, the severity is downgraded per [TRUST-SCOPE-RULE].\n- [Indirect Prompt Injection] (LOW): The skill retrieves instructions from a remote URL and applies them to local files provided by the user. This creates a vulnerability surface where the remote content could influence agent behavior.\n - Ingestion points: Remote fetch of
command.mdvia WebFetch.\n - Boundary markers: Absent. The skill instructions tell the agent to 'apply all rules from the fetched guidelines' without explicit isolation.\n
- Capability inventory: Ability to read local files (UI code) and output formatted text.\n
- Sanitization: No evidence of sanitization or validation of the fetched remote content before it is used as instructions.
Audit Metadata