web-design-guidelines
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches design guidelines from Vercel's official GitHub repository at runtime.
- [PROMPT_INJECTION]: The skill processes untrusted user data which presents a surface for indirect prompt injection.
- Ingestion points: User-specified files and the external guidelines markdown file.
- Boundary markers: No explicit delimiters or instructions are used to isolate the data being audited from the agent's core processing logic.
- Capability inventory: The skill is restricted to file reading and text output; no capabilities for subprocess execution, persistent file writing, or unauthorized network operations were identified.
- Sanitization: Content from the audited files is processed directly without filtering for malicious instructions.
Audit Metadata