marketing-guerrilla
Warn
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the agent to install the
agent-browserpackage and Microsoft Playwright browser binaries from the NPM registry if they are not already available in the environment. - [COMMAND_EXECUTION]: Shell commands are used to perform global software installations (
npm install -g) and binary setup (npx playwright install), which may require elevated system privileges. - [PROMPT_INJECTION]: The skill possesses a high surface for indirect prompt injection because it scrapes and extracts information from various external, user-controlled platforms including Reddit, TikTok, YouTube, and Product Hunt.
- Ingestion points: Web content is fetched from Google Trends, YouTube, Reddit, TikTok, and Product Hunt URLs using the
agent-browsertool inSKILL.md. - Boundary markers: There are no boundary markers or instructions to treat external data as untrusted text rather than agent instructions.
- Capability inventory: The agent has the capability to write to the local file system (
./brands/) and execute package management commands. - Sanitization: No logic is present to sanitize, validate, or filter the scraped content before the agent interprets it for viral trends and strategy insights.
Audit Metadata