form-attribution

Pass

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches the attribution library from JSDelivr, a well-known CDN service. The implementation loads the form-attribution package from an external repository using the @latest tag, which is a common practice but offers none of the protection of a pinned version or a Subresource Integrity (SRI) hash.
  • [DATA_EXFILTRATION]: The library is designed to capture marketing attribution data including UTM parameters, referrer URLs, and ad click identifiers such as GCLID and FBCLID. This data is then transmitted to the form's processing server upon submission.
  • [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection. Since the library automatically captures data from URL parameters and injects them into hidden form fields, a malicious actor could craft a URL with payloads in the parameters that are then processed by downstream systems like CRMs or email handlers.
  • [COMMAND_EXECUTION]: The implementation patterns use MutationObserver to monitor DOM changes and dynamically execute logic to inject fields into forms as they appear on the page, ensuring compatibility with dynamic content and single-page applications.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 9, 2026, 10:08 PM