paw-mkt-psychology
Pass
Audited by Gen Agent Trust Hub on Mar 31, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill includes instructions to set up the
agent-browsertool to enable live website audits. This reference targets an official repository from a trusted organization for legitimate research capabilities. - Evidence: Installation command for
https://github.com/vercel-labs/agent-browserinreferences/shared-patterns.md. - [PROMPT_INJECTION]: The skill processes untrusted data from external sources when performing live website audits or reviewing existing codebases, which creates a surface for indirect prompt injection.
- Ingestion points: Context B (Existing Codebase) and Context C (Live Website URL) described in
references/shared-patterns.md. - Boundary markers: Not explicitly defined for external content ingestion.
- Capability inventory: The skill is scoped to reading local files and browser-based research; no high-risk command execution or file-write capabilities were identified in the provided scripts.
- Sanitization: No explicit validation or filtering of external content is documented before processing.
Audit Metadata