onboarding-ux
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: Potential for indirect prompt injection through web content analysis. * Ingestion points: Uses Chrome MCP and Playwright MCP to browse and ingest content from arbitrary web applications (SKILL.md). * Boundary markers: Missing explicit delimiters or instructions to ignore embedded instructions within the audited web pages. * Capability inventory: Writes artifacts and generated code to the local filesystem in
.jez/artifacts/(SKILL.md). * Sanitization: No validation or sanitization of ingested web data before it is processed for audit reports or code generation. - [EXTERNAL_DOWNLOADS]: References external browser automation tools including Chrome MCP, Playwright MCP, and playwright-cli.
- [COMMAND_EXECUTION]: Utilizes browser tools to perform active navigation and inspection of web applications.
Audit Metadata