webapp-selenium-testing
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill provides functionality to read text and attributes from web pages via Selenium methods (such as
getTextandgetAttributein the generatedBasePage.java). This creates a surface for indirect prompt injection where adversarial content on a website could influence the agent's reasoning or behavior. - Ingestion points: Web content is ingested through methods like
getTextandgetAttributein the generated Page Object classes. - Boundary markers: No delimiters or instructional warnings are provided to differentiate web content from system instructions.
- Capability inventory: The skill can automate browser actions, capture screenshots, and execute shell commands through Maven (e.g.,
mvn test). - Sanitization: There is no sanitization or filtering of the retrieved web content implemented in the provided code templates.
Audit Metadata