test-web
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes shell commands to start a Node.js development server using 'pnpm dev' and performs browser automation via 'agent-browser'. These actions are standard for the described testing use case.
- [SAFE]: No malicious obfuscation, unauthorized network operations to external sites, or sensitive credential access were detected. The skill operates within the local environment (localhost).
- [PROMPT_INJECTION]: The skill uses an automated browser tool to open and interact with web pages, which is an attack surface for indirect prompt injection.
  1. Ingestion points: Web page content accessed via 'agent-browser open' in SKILL.md.
  2. Boundary markers: No explicit markers or instructions to ignore embedded content are provided.
  3. Capability inventory: Local command execution via 'pnpm' and 'agent-browser'.
  4. Sanitization: No sanitization or validation of the ingested web content is performed.
Audit Metadata