Skills
skills/liangmiqwq/skills/web-design-guidelines/Gen Agent Trust Hub

web-design-guidelines

Warn

Audited by Gen Agent Trust Hub on Apr 13, 2026

Risk Level: MEDIUMEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill's YAML frontmatter identifies the author as 'vercel', which is inconsistent with the provided author context of 'liangmiQwQ'. This form of metadata poisoning impersonates a well-known entity to gain unearned trust.
  • [EXTERNAL_DOWNLOADS]: The skill is configured to fetch guidelines from an external repository at https://raw.githubusercontent.com/vercel-labs/web-interface-guidelines/main/command.md. This is the documented source for the audit logic.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by retrieving its operational instructions and formatting rules from a remote file at runtime.
  • Ingestion points: Fetches instructions from the vercel-labs GitHub repository as specified in SKILL.md.
  • Boundary markers: Absent; the agent is instructed to adopt the fetched content as its instructions and output format without delimiters or warnings.
  • Capability inventory: The agent reads user-specified files or patterns and outputs audit findings.
  • Sanitization: The skill does not validate or sanitize the remote content before using it to define agent behavior.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Apr 13, 2026, 10:25 PM
Security Audit — agent-trust-hub — web-design-guidelines