web-design-guidelines
Pass
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches design guidelines from Vercel Labs' official GitHub repository. This external reference is used as the source of truth for performing UI audits and is consistent with the skill's primary purpose.
- [SAFE]: No instances of prompt injection, obfuscation, or unauthorized data access were detected. The skill maintains a clear and focused scope for reviewing user-provided UI code.
- [INDIRECT_PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it processes external content and user files.
- Ingestion points: Fetches design guidelines from a remote GitHub URL and reads local files as specified in
SKILL.md. - Boundary markers: The instructions do not define explicit delimiters or boundary markers for the ingested content.
- Capability inventory: Limited to network retrieval of guidelines and reading of local files for audit purposes as described in
SKILL.md. - Sanitization: No explicit sanitization or validation of the fetched guidelines or user code files is mentioned.
Audit Metadata