paw-mkt-retention
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface because it ingests untrusted data from external websites during competitive research and benchmark analysis.
- Ingestion points:
references/research-playbook.mdandreferences/shared-patterns.mduse theagent-browsertool to fetch text and HTML content from various external domains. - Boundary markers: Absent. The skill does not define delimiters or specific 'ignore' instructions for the data ingested from the browser.
- Capability inventory: The skill has the ability to write files (saving marketing deliverables), execute shell commands (via
agent-browser), and perform network operations. - Sanitization: Absent. Scraped content is processed directly for analysis and strategy generation.
- [COMMAND_EXECUTION]: The skill relies on shell command execution for its core research functionality, specifically using the
agent-browserCLI tool and local maintenance scripts (chrome-profiles.sh,tool-discovery.sh) to manage browser sessions and profiles. - [EXTERNAL_DOWNLOADS]: The skill provides instructions to install the
agent-browserutility from the official NPM registry or from Vercel Labs' GitHub repository to facilitate its research capabilities.
Audit Metadata