page-agent
Pass
Audited by Gen Agent Trust Hub on Apr 20, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill facilitates the creation of agents that interpret natural language commands to interact with web page DOM elements. This creates an indirect prompt injection surface where malicious content on a webpage or malicious user input could potentially influence the agent's actions.
  - Ingestion points: Untrusted data enters the agent context via userInput and input variables in the Vue, React, and native JavaScript examples found in SKILL.md and references/component-templates.md.
  - Boundary markers: While the skill does not show explicit delimiter-based prompt engineering, it provides a security mitigation via the onBeforeAction hook in SKILL.md and references/use-cases.md, allowing for human-in-the-loop verification of actions.
  - Capability inventory: The integrated Page Agent can perform browser actions such as clicking, form filling, and searching as documented in SKILL.md and references/use-cases.md.
  - Sanitization: The provided code snippets do not include explicit sanitization or validation of the natural language inputs before they are passed to the agent.execute() method.
Audit Metadata