Skills
skills/cookjohn/sd-skills/sd-navigate-pages/Gen Agent Trust Hub

sd-navigate-pages

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes browser automation tools to interact with ScienceDirect. It executes JavaScript via evaluate_script to retrieve the current URL and page state. Additionally, it uses an initScript to mask the navigator.webdriver property, which is a standard procedure to prevent bot detection.
  • [PROMPT_INJECTION]: The skill interprets user arguments to construct navigation URLs. This creates a surface for indirect prompt injection where untrusted input influences tool parameters.
  • Ingestion points: User intent from $ARGUMENTS is used to build target URL offsets and sort orders.
  • Boundary markers: No explicit delimiters are used to separate user input from the instruction context.
  • Capability inventory: The skill possesses the capability to navigate to calculated URLs (navigate_page) and execute scripts (evaluate_script).
  • Sanitization: The logic maps specific user intents (e.g., 'next', 'page 3') to predefined URL modifications, which reduces the risk of arbitrary injection.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 5, 2026, 06:45 AM