marketing-content
Warn
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill contains instructions to download the 'agent-browser' package from the npm registry and Chromium binaries via Playwright during setup.
- [COMMAND_EXECUTION]: The agent is directed to execute shell commands for environment setup and data gathering, including global package installation via 'npm install -g agent-browser' and multiple CLI calls to the 'agent-browser' tool.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it scrapes content from search engines (Google), social platforms (Reddit, Quora), and competitor websites. This untrusted data is processed to extract research insights without boundary markers or sanitization, creating a path for embedded malicious instructions to influence the agent's strategic recommendations.
Audit Metadata