web-design-guidelines

Pass

Audited by Gen Agent Trust Hub on Mar 19, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches updated web interface guidelines from the official Vercel Labs GitHub repository (vercel-labs/web-interface-guidelines). This is a trusted and well-known source.
  • [PROMPT_INJECTION]: The skill ingests untrusted content from both remote guidelines and local user files, which constitutes a surface for indirect prompt injection. However, this is the intended functionality of the review skill and presents no active threat.
      • Ingestion points: Remote guideline content via URL and local user files specified in the argument.
      • Boundary markers: None present to separate rule instructions from processed data.
      • Capability inventory: The skill is limited to reading files and fetching content; no dangerous capabilities like shell execution or data exfiltration were detected.
      • Sanitization: Content is processed as-is for the review task.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 19, 2026, 12:28 PM