website-quality-check
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes content from the
website/directory. - Ingestion points: Files and pages within the
website/folder. - Boundary markers: Absent; there are no instructions to ignore embedded commands within the processed files.
- Capability inventory: Executes
scripts/website-verify.shand interacts with Chrome DevTools MCP. - Sanitization: Absent; no validation or escaping of the website content is performed before processing.
- [COMMAND_EXECUTION]: The skill executes a local script
scripts/website-verify.shwhen HTML/CSS/JS files are modified. This is a standard procedure for verification but involves executing local code based on the state of the repository.
Audit Metadata