active-research

Pass

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill makes extensive use of the actionbook browser CLI to automate web navigation, text extraction, and UI interaction (clicking, typing).
  • [EXTERNAL_DOWNLOADS]: The workflow involves downloading and executing the @actionbookdev/json-ui package at runtime using npx to render the final report.
  • [REMOTE_CODE_EXECUTION]: The skill utilizes npx for tool execution and optionally executes a local Node.js script from a dynamically computed path using git rev-parse.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes untrusted data from the internet.
      • Ingestion points: Web content is ingested via actionbook browser text from arbitrary URLs and search engine results.
      • Boundary markers: No boundary markers or instructions to ignore embedded commands are used during the synthesis of external content.
      • Capability inventory: The agent has the ability to browse the web, interact with web forms (type/click), execute shell commands (npx, node), and write/open files on the local system.
      • Sanitization: There is no evidence of sanitization or filtering applied to the web content before it is processed by the agent or included in the JSON report structure.
Audit Metadata
  Risk Level: SAFE
  Analyzed: Feb 27, 2026, 12:07 AM