web-design-guidelines-6

Fail

Audited by Gen Agent Trust Hub on Feb 18, 2026

Risk Level: HIGH
Tags: EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION
Full Analysis
  • REMOTE_CODE_EXECUTION (HIGH): The skill is designed to fetch instructions from a remote URL and apply them as logic to your local files. The instructions explicitly state that the 'fetched content contains all the rules and output format instructions.'
  • Evidence: Fetching from https://raw.githubusercontent.com/cloudflare/web-interface-guidelines/main/command.md to determine agent behavior.
  • Risk: If the remote repository is compromised, the agent will follow malicious instructions, such as reading sensitive files and sending their content to an attacker-controlled endpoint.
  • EXTERNAL_DOWNLOADS (MEDIUM): The skill relies on an external source from a GitHub organization (cloudflare) that is not included in the predefined list of trusted organizations.
  • PROMPT_INJECTION (LOW): This skill exhibits a significant Indirect Prompt Injection surface (Category 8) because it treats untrusted remote data as high-privileged instructions.
  • Ingestion points: SKILL.md fetches content from a remote markdown file.
  • Boundary markers: Absent; there are no instructions to ignore embedded commands in the fetched guidelines.
  • Capability inventory: The agent has the ability to read arbitrary files based on the fetched rules.
  • Sanitization: Absent; the remote content is directly interpolated into the agent's task logic.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 18, 2026, 01:50 PM