regulars

Pass

Audited by Gen Agent Trust Hub on Mar 25, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it interacts with untrusted external web content.
    • Ingestion points: External website content is ingested via browser MCP tools when navigating to target URLs defined in the Agent Prompt Template in SKILL.md.
    • Boundary markers: The subagent instructions lack explicit delimiters (e.g., XML tags or clear separators) and warnings to disregard embedded instructions within the website content.
    • Capability inventory: The agents have the capability to navigate, click elements, search, and capture screenshots using browser MCP tools.
    • Sanitization: There is no evidence of sanitization, filtering, or validation of the text or metadata retrieved from the target websites before it is processed by the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 25, 2026, 01:24 AM