paw-mkt-social
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the agent to install the
agent-browsertool from Vercel Labs' official GitHub repository to enable live research capabilities. As Vercel Labs is a trusted organization, this is considered a safe and standard setup procedure.- [COMMAND_EXECUTION]: Diagnostic and setup scripts (tool-discovery.sh,chrome-profiles.sh) are executed from a local setup directory to verify the presence of required system tools and browser profiles.- [COMMAND_EXECUTION]: The skill provides instructions for installing dependencies including theagent-browsernpm package and Playwright browser binaries to support its primary function of website auditing.- [COMMAND_EXECUTION]: Browser automation commands are used to interact with social media platforms and competitor websites for data gathering and analysis.- [PROMPT_INJECTION]: The skill possesses an inherent surface for indirect prompt injection as it is designed to ingest and audit data from external websites via browser tools. This risk is inherent to its primary purpose of social media research and auditing. - Ingestion points: External URLs processed via
agent-browserandWebFetch(referenced inreferences/shared-patterns.md). - Boundary markers: Not explicitly defined in the instructional text for processing external content.
- Capability inventory: File system writes to the brand workspace, shell command execution for tool installation, and network access via automated browsing.
- Sanitization: No specific content filtering or sanitization logic is provided for the retrieved web data.
Audit Metadata