qa-screenshot-validation
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFENO_CODECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill is designed for legitimate visual QA tasks and does not contain malicious logic or data exfiltration code.
- [NO_CODE]: No standalone executable scripts or binary files are included in the skill package; logic is provided as instructional markdown.
- [COMMAND_EXECUTION]: The skill provides Playwright command templates for viewport manipulation, which are standard for automated web testing and pose no inherent risk.
- [PROMPT_INJECTION]: The analysis of screenshots from external pages introduces a theoretical indirect prompt injection surface.
- Ingestion points: Screenshots of external web pages (SKILL.md).
- Boundary markers: Analysis is focused on visual layout boundaries rather than textual content.
- Capability inventory: Viewport resizing using standard Playwright methods.
- Sanitization: No specific sanitization of visual content is performed, but the task constraints limit potential impact.
Audit Metadata