Skills
skills/aiagentskills/skills/webapp-testing/Gen Agent Trust Hub

webapp-testing

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION] (MEDIUM): The helper script 'scripts/with_server.py' uses 'subprocess.Popen(..., shell=True)' to execute arbitrary strings provided via the '--server' argument. This is used to start local development servers (e.g., 'npm run dev'). While this is the intended functionality, it constitutes a powerful command execution primitive. The severity is MEDIUM due to the trusted origin and primary purpose alignment.
  • [PROMPT_INJECTION] (LOW): The skill is susceptible to indirect prompt injection (Category 8) because it ingests untrusted data from web pages being tested. 1. Ingestion points: 'examples/console_logging.py' (msg.text) and 'examples/element_discovery.py' (button/link text). 2. Boundary markers: Absent. 3. Capability inventory: Command execution via 'scripts/with_server.py'. 4. Sanitization: Absent.
  • [EXTERNAL_DOWNLOADS] (SAFE): The repository 'https://github.com/anthropics/skills' and author 'Anthropic' are confirmed trusted sources.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 17, 2026, 06:31 PM