web-quality-audit
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [DATA_EXPOSURE] (SAFE): The skill accesses local HTML files for analysis using
grep. This behavior is limited to the skill's stated purpose of auditing web quality and does not attempt to access sensitive system files or credentials. - [COMMAND_EXECUTION] (SAFE): The
analyze.shscript executes standard shell commands (grep,find) with proper variable quoting to prevent basic command injection via filenames. - [INDIRECT_PROMPT_INJECTION] (LOW): The skill processes untrusted HTML data provided by the user. While the script only returns specific text matches from its audit, this constitutes a data ingestion surface.
- Ingestion points: HTML files processed by
scripts/analyze.shviafindandgrep. - Boundary markers: Absent; the audit results are returned directly to the agent.
- Capability inventory: Local file reading (
grep) and directory traversal (find). - Sanitization: None; the script performs literal string/regex matching.
Audit Metadata