identify-page-structure
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill processes untrusted scraped webpage content (cleaned.html), which is an ingestion point for indirect prompt injection. Maliciously crafted HTML could attempt to influence the agent's structural analysis or the parameters of invoked skills. * Ingestion points: cleaned.html (referenced in prerequisites). * Boundary markers: Absent; there are no instructions to delimit the untrusted HTML data. * Capability inventory: The skill workflow involves invoking 'page-decomposition' and 'block-inventory' skills based on the analysis. * Sanitization: Absent; no steps are provided to validate or sanitize the input HTML.
- [No Code] (SAFE): The skill file (SKILL.md) consists entirely of documentation and markdown instructions. No scripts, shell commands, or network-initiating code were detected.
Audit Metadata