webapp-testing

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUM
Categories: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION] (MEDIUM): The SKILL.md documentation explicitly tells the agent 'DO NOT read the source until you try running the script first' and to treat scripts as 'black-box'. This is a safety-bypass pattern that discourages code auditing and attempts to override standard safety reasoning.
  • [COMMAND_EXECUTION] (MEDIUM): The 'scripts/with_server.py' utility uses 'subprocess.Popen' with 'shell=True' to execute server commands provided as string arguments. This is a dangerous pattern that can lead to command injection if the input strings are manipulated.
  • [PROMPT_INJECTION] (LOW): The skill is vulnerable to Indirect Prompt Injection (Category 8). It ingests untrusted data from web pages (DOM content and console logs) without sanitization. Evidence: Ingestion points in 'element_discovery.py' and 'console_logging.py'; no boundary markers; high capabilities via 'with_server.py'; no sanitization present.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Feb 17, 2026, 06:11 PM