web-design-guidelines
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches design guidelines from Vercel's official GitHub repository to use for code audits.
- [PROMPT_INJECTION]: The skill processes instructions from an external Markdown file, creating an indirect prompt injection surface. This is mitigated by the use of a trusted source repository and the limited scope of the skill's capabilities. 1. Ingestion points: Guideline content fetched from GitHub. 2. Boundary markers: None explicitly defined in the skill instructions. 3. Capability inventory: Local file reading and text analysis; no dangerous command execution or network exfiltration identified. 4. Sanitization: No sanitization is performed on the fetched guideline content.
Audit Metadata