chrome-automation
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill facilitates the ingestion of untrusted data from external websites through its scraping examples, creating a surface for indirect prompt injection. * Ingestion points: Web data extracted via scraping logic in SKILL.md. * Boundary markers: No specific delimiters or instructions to ignore embedded prompts in scraped content are provided. * Capability inventory: The skill has permissions to write files and execute bash commands. * Sanitization: Scraped content is not sanitized before processing.
- [SAFE]: The provided code snippets are standard developer examples and do not contain malicious intent. Authentication examples use obvious placeholder values.
Audit Metadata