web-automation
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill's primary function is web scraping and automation, which introduces an indirect prompt injection surface. External web content ingested via Playwright, Puppeteer, or Scrapy could contain instructions meant to influence the agent's behavior.
- Ingestion points: Data extraction through
page.textContent,$$eval, and Scrapy spiders inSKILL.md. - Boundary markers: Not present in the provided code snippets.
- Capability inventory: Browser automation, file system access (writing screenshots/PDFs), and network requests.
- Sanitization: Not explicitly implemented in the provided templates.
- [EXTERNAL_DOWNLOADS]: The skill provides instructions to install standard, well-known industry libraries including Playwright, Puppeteer, and Scrapy from official package registries (npm and PyPI).
- [COMMAND_EXECUTION]: Includes code snippets for executing browser automation commands and CLI installation strings for managing automation drivers.
Audit Metadata