extract
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the 'agent-browser' CLI tool to navigate and interact with websites. It executes commands where user-provided URLs are passed as arguments.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface (Category 8) by retrieving and analyzing content from untrusted external websites.
- Ingestion points: Website CSS, HTML elements, and text content are extracted from arbitrary URLs provided by the user.
- Boundary markers: There are no markers or specific instructions to prevent the agent from being influenced by malicious commands embedded in the target website's content.
- Capability inventory: The skill has 'Write' access to the filesystem and the ability to interact with the web through 'agent-browser'.
- Sanitization: No sanitization or filtering is performed on the data extracted from the website before it is used for analysis or report generation.
- [EXTERNAL_DOWNLOADS]: The skill's requirements instruct the user to install the 'agent-browser' package globally from npm and download additional browser binaries.
Audit Metadata