robot-framework-skill
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFECREDENTIALS_UNSAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [CREDENTIALS_UNSAFE]: The skill includes example credentials (e.g., 'password123', 'TestPass123') in test cases and variable definitions across SKILL.md and reference/playbook.md. These are documented as placeholders for local development and testing environments.
- [COMMAND_EXECUTION]: The playbook.md file utilizes the Robot Framework 'Evaluate' keyword to execute Python code snippets at runtime, specifically for initializing selenium.webdriver.ChromeOptions during cloud browser configuration.
- [EXTERNAL_DOWNLOADS]: The documentation provides instructions to install standard testing libraries such as 'robotframework-seleniumlibrary' and 'robotframework-requests' via the pip package manager from official registries.
- [PROMPT_INJECTION]: The skill implements patterns for data-driven testing that establish a surface for indirect prompt injection. \n
- Ingestion points: Processes external input from CSV files (e.g., 'data/login_tests.csv') using the DataDriver library in reference/advanced-patterns.md and reference/playbook.md. \n
- Boundary markers: No specific delimiters or instructions are provided to the agent to treat CSV content as untrusted data or to ignore embedded instructions within those files. \n
- Capability inventory: The skill possesses extensive capabilities including automated browser interaction (SeleniumLibrary/Browser Library) and arbitrary network requests (RequestsLibrary). \n
- Sanitization: There is no evidence of validation or sanitization of the external CSV data before it is passed to automation keywords.
Audit Metadata