Skills
skills/gnoviawan/agentic-marketing/bmad-agent-marketing-analytics/Gen Agent Trust Hub

bmad-agent-marketing-analytics

Pass

Audited by Gen Agent Trust Hub on Apr 2, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches and installs the agent-browser skill from the official Vercel Labs GitHub repository (https://github.com/vercel-labs/agent-browser).
  • [COMMAND_EXECUTION]: Executes shell commands to automate website diagnostics, including PageSpeed Insights, structured data testing, and tag implementation audits using agent-browser.
  • [PROMPT_INJECTION]: Susceptible to indirect prompt injection due to the ingestion of untrusted data from external URLs during auditing tasks.
  • Ingestion points: Website body content and diagnostic results retrieved via agent-browser calls in references/shared-patterns.md.
  • Boundary markers: Absent; the skill does not define clear delimiters or provide instructions for the agent to ignore potentially malicious embedded content within the scraped text.
  • Capability inventory: The agent has access to shell commands and browser automation tools.
  • Sanitization: No evidence of input validation or content sanitization was found before processing the external website data.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 2, 2026, 02:06 PM