webapp-testing

Warn

Audited by Gen Agent Trust Hub on Apr 19, 2026

Risk Level: MEDIUM
Primary finding: COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/with_server.py uses subprocess.Popen with shell=True to execute server commands provided as command-line arguments. This allows for arbitrary shell command execution on the host environment.
  • [PROMPT_INJECTION]: The documentation in SKILL.md explicitly instructs the agent to avoid reading the source code of helper scripts ('DO NOT read the source until you try running the script first'), which could lead to the agent executing malicious or unexpected logic without prior verification.
  • [DATA_EXPOSURE]: The example script examples/console_logging.py captures all browser console messages and writes them to a file in /mnt/user-data/outputs/. If the application being tested logs sensitive data (e.g., tokens, PII), this information would be exposed in the output file.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Apr 19, 2026, 03:24 AM