Skills
skills/vijaykpatel/favorite_skills_and_plugins/web-design-guidelines/Gen Agent Trust Hub

web-design-guidelines

Pass

Audited by Gen Agent Trust Hub on Feb 21, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADS
Full Analysis
  • [EXTERNAL_DOWNLOADS] (LOW): The skill fetches instructions from an external URL to define its operating rules.
  • Evidence: The skill downloads content from https://raw.githubusercontent.com/vercel-labs/web-interface-guidelines/main/command.md to use as guidelines.
  • Mitigation: The source belongs to the vercel-labs organization, which is a Trusted GitHub Organization per the analysis framework, downgrading the risk level.
  • [PROMPT_INJECTION] (LOW): The skill exhibits an indirect prompt injection surface by processing untrusted data (user UI files) and remote instructions.
  • Ingestion points: User-provided files and the remote command.md file.
  • Boundary markers: Absent; the skill does not explicitly use delimiters to separate guideline instructions from file content.
  • Capability inventory: File system read access and network fetch capabilities.
  • Sanitization: No evidence of sanitization or escaping for the ingested content.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 21, 2026, 04:23 PM