Skills
skills/involvex/aetheris/web-design-reviewer/Gen Agent Trust Hub

web-design-reviewer

Pass

Audited by Gen Agent Trust Hub on Mar 26, 2026

Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes content from external websites.
  • Ingestion points: Web content and DOM snapshots are ingested via browser_navigate and browser_snapshot tools into the agent's context.
  • Boundary markers: The instructions do not define boundary markers to separate external website content from system or skill instructions.
  • Capability inventory: The agent has the ability to read and write source code files and perform project-wide searches using grep_search and semantic_search.
  • Sanitization: There are no specified sanitization procedures for the ingested HTML or DOM content.
  • [EXTERNAL_DOWNLOADS]: The skill's reference implementation involves downloading and executing external code.
  • Evidence: The documentation recommends the use of Playwright MCP via npx -y @playwright/mcp@latest.
  • Source: This package is maintained by a well-known and trusted technology organization.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 26, 2026, 04:43 PM