Skills
skills/pawbytes/skill-suites/paw-mkt-guerrilla/Gen Agent Trust Hub

paw-mkt-guerrilla

Pass

Audited by Gen Agent Trust Hub on Apr 7, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill provides instructions to download and install the agent-browser tool from Vercel Labs' official GitHub repository. Vercel Labs is a well-known and trusted technology provider.
  • [COMMAND_EXECUTION]: The skill utilizes shell commands for environment setup and tool discovery, including running local scripts like tool-discovery.sh and chrome-profiles.sh. It also suggests the use of npm and npx for package management and tool execution.
  • [DATA_EXFILTRATION]: The skill employs agent-browser for performing research on live websites, which involves network operations. The documentation includes best practices for security, such as adding authentication state files to .gitignore and using dedicated browser profiles to prevent accidental credential leakage.
  • [PROMPT_INJECTION]: The skill performs 'Live Website URL Audits' using agent-browser or WebFetch. This creates a surface for indirect prompt injection where untrusted content from external websites is ingested into the agent's context. The skill mitigates this by grounding actions in pre-flight strategic context files and using structured workflows.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 7, 2026, 03:28 AM