get-started
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious behavior, obfuscation, or unauthorized access patterns were detected in the skill instructions. The skill facilitates a guided browser navigation demo which is standard for its stated purpose.
- [PROMPT_INJECTION]: The skill includes an input surface for browser navigation based on user commands, which constitutes an indirect prompt injection surface. 1) Ingestion points: User-provided URLs or site names in the 'Then' section of SKILL.md. 2) Boundary markers: No explicit delimiters or 'ignore embedded instructions' warnings are present. 3) Capability inventory: Interaction with the chrome-devtools MCP for page navigation (SKILL.md). 4) Sanitization: No explicit input validation or sanitization of the user-provided site string is performed.
Audit Metadata