Skills
skills/matrixy/agent-browser/dogfood/Gen Agent Trust Hub

dogfood

Pass

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill has an inherent attack surface for indirect prompt injection because it interacts with and processes content from external, untrusted web applications.
  • Ingestion points: Browser snapshots, console logs, and error logs extracted from the target URL via the agent-browser tool as described in SKILL.md.
  • Boundary markers: There are no explicit instructions to use delimiters or ignore embedded instructions when the agent processes page content.
  • Capability inventory: The agent can create directories, copy files, and perform full browser automation including clicking and form filling.
  • Sanitization: No sanitization or validation of the content read from the target web application is specified.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 29, 2026, 02:13 PM