Skills
skills/oimiragieo/agent-studio/webapp-testing/Gen Agent Trust Hub

webapp-testing

Pass

Audited by Gen Agent Trust Hub on Apr 24, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it is designed to ingest and process untrusted content from web applications.
  • Ingestion points: The skill reads HTML content, element text, and browser console logs from arbitrary URLs and local files (described in Approach A and B in SKILL.md).
  • Boundary markers: There are no instructions provided to wrap the external web content in delimiters or to ignore potential instructions embedded within the target application's data.
  • Capability inventory: The skill allows access to the Bash tool (frontmatter of SKILL.md) and provides code templates in SKILL.md for executing shell commands via subprocess.Popen to manage local servers.
  • Sanitization: There is no mention of sanitizing, escaping, or validating the content retrieved from the browser before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 24, 2026, 03:07 AM