paw-mkt-sostac

Pass

Audited by Gen Agent Trust Hub on Apr 27, 2026

Risk Level: SAFE | EXTERNAL_DOWNLOADS | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill automates the installation of the agent-browser package and Playwright browser binaries from public registries to support its discovery features. These resources originate from well-known repositories and trusted organizations.
  • [COMMAND_EXECUTION]: The agent executes local shell commands to manage files in the brand workspace, verify tool availability, and run internal scripts for environment discovery and profile management.
  • [PROMPT_INJECTION]: The skill performs automated research on external sites (e.g., Reddit, G2, Quora), creating a surface for indirect prompt injection where third-party content could influence the agent's analysis.
      • Ingestion points: Browser-based discovery targeting competitor websites, review platforms, and social forums.
      • Boundary markers: Not explicitly defined in the instruction templates for external content ingestion.
      • Capability inventory: Local file system read/write access, network operations via browser automation, and shell command execution.
      • Sanitization: The skill converts scraped web content into marketing documents without explicit validation or sanitization protocols.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 27, 2026, 07:42 AM