helpmetest-discover

Pass

Audited by Gen Agent Trust Hub on Mar 21, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection attack surface by processing data from untrusted sources. The workflow requires the agent to visit external websites and interpret their content to define personas and features.
      • Ingestion points: In SKILL.md, the agent navigates to and reads page content during the 'Initial Discovery' phase.
      • Boundary markers: The instructions do not specify any delimiters or safety warnings to prevent the agent from following instructions embedded within the target website's text.
      • Capability inventory: The skill has access to helpmetest_run_interactive_command for browser automation and helpmetest_upsert_artifact for data persistence.
      • Sanitization: There is no evidence of sanitization or filtering applied to the external content before it is processed by the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 21, 2026, 11:50 PM