qa-ui
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [NO_CODE]: The skill is composed entirely of markdown instructions and does not include any scripts, binaries, or automated code execution.\n- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its requirement to interact with external content.\n
- Ingestion points: File
SKILL.md(Step 1 and Step 2) instructs the agent to navigate to user-provided URLs or local ports and walk through the product's screens.\n - Boundary markers: The instructions do not provide delimiters or specific guidelines for the agent to ignore instructions that might be embedded in the text or HTML of the target website.\n
- Capability inventory: The agent is granted browser navigation and screenshotting capabilities to document the UI.\n
- Sanitization: There is no mechanism for sanitizing or filtering the content found on external pages before the agent processes and screenshots it.
Audit Metadata