lazyweb-design-brainstorm

Pass

Audited by Gen Agent Trust Hub on May 2, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to perform several local operations. It searches for a local browse binary in .claude/skills/lazyweb-skill/ or gstack directories and executes it to capture screenshots. It also runs a ./setup script if the binary is not found, creates directories using mkdir, and opens the generated report with the open command.
  • [EXTERNAL_DOWNLOADS]: The skill uses curl to download reference images from external URLs provided by the Lazyweb MCP tools into a local references directory.
  • [PROMPT_INJECTION]: The skill exposes a potential indirect prompt injection surface because it processes external content from web searches and screenshot descriptions.
      • Ingestion points: Data enters the context from ~/.lazyweb/libraries.json, WebSearch results, and visionDescription fields from Lazyweb MCP tools.
      • Boundary markers: There are no explicit delimiters or instructions to ignore embedded commands within the ingested data.
      • Capability inventory: The skill has access to Bash (shell execution), Write (file system modification), and WebSearch.
      • Sanitization: No validation or sanitization is performed on the external content before it is included in the generated reports or used in agent logic.
Audit Metadata
Risk Level: SAFE
Analyzed: May 2, 2026, 09:55 PM