vercel-agent-web-design-guidelines
Warn
Audited by Snyk on Jul 3, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.85). The required workflow fetches guidelines from a public URL at runtime (outsider-authored web content) and then reads those fetched instructions as LLM-readable text to drive the review, creating an indirect prompt-injection surface.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 1.00). The skill explicitly instructs the agent to fetch runtime rules from https://raw.githubusercontent.com/vercel-labs/web-interface-guidelines/main/command.md using WebFetch, and that fetched document directly controls the agent's prompt/validation logic, so this is a runtime external dependency that governs instructions.
Issues (2)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata