trust-builder
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: The skill performs network operations by using a browser agent to visit and analyze external websites, including the user's application and competitor sites, which represents a controlled network ingestion path.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests untrusted data from multiple sources.
- Ingestion points: Live website content via browser MCP and local application source code and documentation.
- Boundary markers: The instructions lack explicit delimiters or 'ignore' directives for content retrieved from external or local sources.
- Capability inventory: The agent can navigate the web, capture screenshots, and write files to the local filesystem (reports).
- Sanitization: No validation or sanitization of the content from the analyzed application or codebase is performed before processing.
Audit Metadata