Skills
skills/affitor/affiliate-skills/webinar-registration-page/Gen Agent Trust Hub

webinar-registration-page

Pass

Audited by Gen Agent Trust Hub on Mar 20, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted user data and interpolates it into generated HTML and JavaScript code without explicit sanitization instructions.\n
  • Ingestion points: The SKILL.md file defines an input schema that accepts user-provided text for event titles, presenter biographies, and affiliate product descriptions.\n
  • Boundary markers: There are no instructions or delimiters designed to separate user-provided data from the generated code structure.\n
  • Capability inventory: The skill generates functional JavaScript for countdown timers and form redirects (using window.location.href), which could be manipulated if input is not properly handled.\n
  • Sanitization: The workflow lacks explicit steps for sanitizing or escaping user input before it is placed into the code blocks.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 20, 2026, 07:32 AM