web-design-guidelines
Warn
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches design guidelines from Vercel Labs' public GitHub repository to perform design audits.
- [PROMPT_INJECTION]: The skill relies on external content retrieved at runtime to define its operational logic and output formatting. * Ingestion point: Guidelines fetched from GitHub in SKILL.md. * Boundary markers: The instructions do not define delimiters for the external content. * Capability inventory: Reading and analyzing local UI files. * Sanitization: No validation or sanitization of the remote content is performed before usage.
- [PROMPT_INJECTION]: Detected a discrepancy between the skill's stated provider (ian-pascoe) and the internal author metadata (vercel). This misrepresentation can lead to an incorrect assessment of the skill's origin and safety.
Audit Metadata