identify-page-structure
Pass
Audited by Gen Agent Trust Hub on Apr 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes scraped webpage content, which constitutes an indirect prompt injection surface. This is a characteristic of the skill's purpose rather than a malicious implementation.
- Ingestion points: The skill processes external data including 'screenshot.png', 'cleaned.html', and 'metadata.json' (SKILL.md).
- Boundary markers: The documentation includes an 'External Content Safety' section that explicitly instructs the agent to treat all scraped content as untrusted and to ignore any commands or directives embedded within it (SKILL.md).
- Capability inventory: The skill facilitates structural analysis and invokes other specialized skills like 'page-decomposition' and 'block-inventory'. It does not perform shell command execution or direct network exfiltration (SKILL.md).
- Sanitization: Safety is maintained through instructional guardrails that guide the agent to perform structural analysis while ignoring the semantic content of instructions within the source data.
Audit Metadata