generate-marketing-screens
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHNO_CODEEXTERNAL_DOWNLOADSPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [NO_CODE] (HIGH): The analysis package contains only documentation (README.md and a checklist). The actual instruction set or logic for the skill is missing, meaning the core behavior is unverified and relies on an untrusted external repository.
- [EXTERNAL_DOWNLOADS] (HIGH): The installation command
npx skills add anaghkanungo7/agent-skills/...pulls content from a GitHub account that is not in the Trusted External Sources list. This allows for the execution of unvetted code during installation or runtime. - [PROMPT_INJECTION] (HIGH): Indirect Prompt Injection Surface Detected.
- Ingestion points: The skill is designed to visit external, user-specified URLs (e.g.,
https://myapp.com) to extract content. - Boundary markers: There are no delimited boundaries or instructions for the agent to ignore hidden commands within the target websites.
- Capability inventory: The skill uses Playwright to interact with the browser and has the capability to write files (
PRODUCT_HUNT.mdand images) to a localmarketing/directory. - Sanitization: No sanitization or filtering of external web content is described, allowing a malicious website to potentially hijack the agent's session or manipulate file system operations.
- [COMMAND_EXECUTION] (LOW): The skill relies on the Playwright MCP server for browser automation. While standard, using an automated browser on untrusted external sites provides a vector for exploitation if the agent is coerced into clicking malicious elements or navigating to sensitive internal addresses.
Recommendations
- AI detected serious security threats
Audit Metadata