skills/jezweb/claude-skills/app-docs/Gen Agent Trust Hub

app-docs

Pass

Audited by Gen Agent Trust Hub on Mar 20, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes browser automation tools (Chrome MCP, Playwright) to programmatically interact with web applications. This behavior is essential for its core functionality of discovering routes and capturing screenshots for documentation.
  • [DATA_EXPOSURE]: The instructions explicitly guide the agent to ask the user for authentication details or credentials when the areas being documented require login. This represents a secure practice of involving the user in credential management rather than using hardcoded or hidden secrets.
  • [PROMPT_INJECTION]: The skill processes untrusted external data by browsing user-provided URLs. While this creates a surface for indirect prompt injection (where malicious text on a website might attempt to override agent instructions), the risk is inherent to any web-browsing capability. The skill manages this risk by focusing on structured documentation output and including human-in-the-loop checkpoints for interactive actions.
  • [REMOTE_CODE_EXECUTION]: No patterns for remote code execution, such as piping network downloads to a shell, were detected. The use of browser MCPs is a standard platform capability.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 20, 2026, 08:53 PM