web-design-guidelines
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUM (EXTERNAL_DOWNLOADS, PROMPT_INJECTION)
Full Analysis
- EXTERNAL_DOWNLOADS (LOW): The skill fetches guidelines from https://raw.githubusercontent.com/vercel-labs/web-interface-guidelines/main/command.md. As this is a Trusted External Source (vercel-labs), the severity is downgraded per [TRUST-SCOPE-RULE].
- PROMPT_INJECTION (MEDIUM): The skill is vulnerable to Indirect Prompt Injection (Category 8) because it processes untrusted data and follows externally fetched instructions.
- Ingestion points: Remote Markdown content via URL and user-provided UI source files.
- Boundary markers: None specified; the agent is instructed to follow instructions in the fetched file without specific delimiters.
- Capability inventory: File system access (reading files) and network access (fetching guidelines).
- Sanitization: No sanitization or validation of the fetched guidelines or target files is performed.
- Risk: If the remote guidelines are compromised or if the files being reviewed contain malicious instructions, the agent may execute them as legitimate rules.
Audit Metadata