notte
Pass
Audited by Gen Agent Trust Hub on May 7, 2026
Risk Level: SAFE
Full Analysis
- [DATA_EXPOSURE]: The skill documentation correctly identifies the risk of handling credentials. It promotes security best practices by recommending a secure `Vault` for session authentication and the use of environment variables for `NOTTE_API_KEY` management instead of passing secrets directly through natural language prompts.
- [INDIRECT_PROMPT_INJECTION]: As the skill is designed to ingest and process untrusted content from external websites, it is inherently susceptible to indirect prompt injection. The documentation provides a mitigation strategy by encouraging the use of Pydantic models for structured extraction, which validates the output against a strict schema and reduces the likelihood of an agent executing instructions embedded in web content.
- [COMMAND_EXECUTION]: The skill facilitates browser-level command execution (clicks, form fills, navigation). Recipe 6 demonstrates a feature where the agent generates a Python script from a recorded workflow and writes it to the local filesystem (`pricing_extractor.py`). This is a documented capability intended for converting exploratory agent runs into repeatable functions.
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the `notte` and `notte-mcp` packages from PyPI, along with the `patchright` library for local browser automation. These are official vendor resources or standard technology libraries for this domain.
Audit Metadata