webapp-testing

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: HIGH
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION] (HIGH): The helper script 'scripts/with_server.py' uses 'subprocess.Popen' with 'shell=True' to execute the server command supplied via the '--server' argument. This pattern is highly susceptible to shell injection.
  • [COMMAND_EXECUTION] (HIGH): 'scripts/with_server.py' functions as a generic execution wrapper that executes arbitrary commands through 'subprocess.run', which can be exploited to run malicious logic.
  • [PROMPT_INJECTION] (LOW): The 'SKILL.md' documentation uses a directive ('DO NOT read the source until you try running the script first') that discourages the agent from performing safety scrutiny of scripts before execution.
  • [PROMPT_INJECTION] (LOW): The skill exhibits an indirect prompt injection surface through its web interaction capabilities. Ingestion points: 'page.goto()' in 'examples/console_logging.py', 'examples/element_discovery.py', and 'examples/static_html_automation.py'. Boundary markers: Absent. Capability inventory: Shell command execution via 'scripts/with_server.py' and file system writes in '/mnt/user-data/'. Sanitization: Absent.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 17, 2026, 06:38 PM