web-design-guidelines
Pass
Audited by Gen Agent Trust Hub on Jun 16, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches design guidelines from the official Vercel Labs repository on GitHub to use as a rule set for auditing files.
- [COMMAND_EXECUTION]: Instructs the agent to read local files or directory patterns provided by the user to perform the design compliance check.
- [PROMPT_INJECTION]: The skill implements a workflow that processes instructions from a remote Markdown file. This creates an indirect injection surface where the external file dictates agent logic.
- Ingestion points: Remote content fetched from
raw.githubusercontent.com/vercel-labs/web-interface-guidelines/main/command.md. - Boundary markers: None specified; the agent adopts the fetched guidelines as authoritative instructions.
- Capability inventory: Reading local files based on user-provided paths or patterns.
- Sanitization: No validation is performed on the fetched content before the agent processes it.
Audit Metadata