web-design-guidelines-3

Fail

Audited by Gen Agent Trust Hub on Feb 24, 2026

Risk Level: HIGH
Findings: DATA_EXFILTRATION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [DATA_EXFILTRATION]: The skill includes a file named 'a' that contains the path '/etc/hosts', a sensitive system configuration file. As the skill is designed to read and audit files, this creates a mechanism for the agent to access and potentially expose internal system configuration data.
  • [EXTERNAL_DOWNLOADS]: Fetches guidelines from the author's official GitHub repository (github.com/ZackKorman). While this is a vendor-owned source, retrieving operational instructions from a remote URL allows for the dynamic modification of the skill's logic without a local audit of the updated content.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it processes remote instructions and user-provided files without sufficient isolation or verification.
      • Ingestion points: Remote instruction file ('command.md') and local files identified by the user.
      • Boundary markers: None identified; the skill does not use delimiters to separate guideline instructions from the file content being reviewed.
      • Capability inventory: Network access via 'WebFetch' and file system read access.
      • Sanitization: No validation, escaping, or filtering of input data or remote rules is performed before processing.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 24, 2026, 02:59 AM