ui-review
Pass
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: SAFE, COMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill is designed to perform systematic UI walkthroughs and audit applications for UX improvements. It instructs the agent to use built-in browser automation tools to capture screenshots across multiple viewports (desktop, mobile, tablet).
- [COMMAND_EXECUTION]: The skill employs vendor-specific CLI and MCP tools (`helpmetest`, `helpmetest_run_test`, `run_interactive_command`) to manage authentication states and perform live app navigation. This is standard functionality for the helpmetest ecosystem.
- [DATA_EXFILTRATION]: While the skill uploads screenshot data via `helpmetest_upload`, this action is restricted to the vendor's own infrastructure for the purpose of generating review artifacts and is not considered unauthorized exfiltration.
- [PROMPT_INJECTION]: The skill references a character configuration file (`.helpmetest/SOUL.md`) to define the agent's persona. This is a local configuration mechanism and does not attempt to bypass platform safety guidelines.
- [INDIRECT_PROMPT_INJECTION]: The skill has an attack surface where it processes data from local files and web pages.
  - Ingestion points: External content is ingested from the `.helpmetest/SOUL.md` configuration file and from rendered text/UI elements on web pages visited during the walkthrough.
  - Boundary markers: The skill does not define specific delimiters or instructions to ignore embedded prompts within the audited pages or configuration files.
  - Capability inventory: The skill can execute browser commands via `run_interactive_command`, run tests via `helpmetest_run_test`, and save data via `helpmetest_upsert_artifact`.
  - Sanitization: No explicit sanitization or validation steps are described for the data retrieved from the target application's UI or the character file.
Audit Metadata