troubleshoot
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the
Bashtool inSKILL.mdto perform system diagnostics, including checking versions (node -v,npm -v) and running build/test scripts (npm run build,npm test).\n- [EXTERNAL_DOWNLOADS]: The skill instructs the agent inSKILL.mdto install theagent-browserpackage globally usingnpm install -g, which involves downloading and executing code from the public npm registry.\n- [PROMPT_INJECTION]: The skill inSKILL.mdexhibits an attack surface for indirect prompt injection via untrusted data processing.\n - Ingestion points: Data enters the agent's context through web content retrieved by
agent-browserand system command outputs or logs processed inSKILL.md.\n - Boundary markers: No delimiters or safety instructions are provided in
SKILL.mdto distinguish between diagnostic data and potentially malicious embedded instructions.\n - Capability inventory: The agent has access to the
Bashtool (referenced inSKILL.md), which allows the execution of arbitrary shell commands based on its analysis.\n - Sanitization: No validation or sanitization mechanisms are implemented in
SKILL.mdfor external content before it is processed by the agent.
Audit Metadata