web-features-summary
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- Unverifiable Dependencies & Remote Code Execution (LOW): The MAINTENANCE.md file instructs the agent to install the 'web-features' package from the NPM registry during update cycles. While this is a standard industry package, it remains an external dependency managed at runtime.
- Indirect Prompt Injection (LOW): The skill is susceptible to indirect prompt injection through its automated update workflow. The agent processes natural language descriptions from the external 'web-features' package and uses them to rebuild its core instruction file (SKILL.md). (1) Ingestion point: NPM package data via scripts/generate_skill_reference.js. (2) Boundary markers: Not present in the generated reference output. (3) Capability inventory: Modifying internal skill files and committing code changes. (4) Sanitization: Only basic regex-based HTML tag removal is performed on external content.
- Command Execution (LOW): The skill's maintenance protocol requires the execution of local Node.js scripts. These scripts have been audited and are confirmed to be data-processing utilities that do not perform unauthorized system operations.
Audit Metadata