feedback-loop

Pass

Audited by Gen Agent Trust Hub on Feb 25, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill guides the agent to identify and execute arbitrary build and test commands found in the local environment, such as npm test, make, and cargo watch, to establish reproduction and validation loops.
  • [EXTERNAL_DOWNLOADS]: The documentation recommends the use of npx agent-browser, which is a tool provided by Vercel Labs, a trusted organization. This utility is used for automated UI and visual verification.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection via external data ingestion.
      • Ingestion points: Data is read from tmux panes using capture-pane and from web pages using agent-browser snapshot.
      • Boundary markers: No delimiters or ignore instructions are specified for captured output.
      • Capability inventory: The agent can execute discovered reproduction commands and modify source files.
      • Sanitization: No filtering or validation is performed on the captured output.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 25, 2026, 02:31 AM