web-testing
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill includes a PowerShell script (
scripts/test-scaffold.ps1) used to automate the creation of test files and directory structures. While the script operates on local templates and parameters, the use of executable scripts for file generation is a capability to be used with caution.\n- [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection as it is designed to browse, read, and interact with external web content which is inherently untrusted.\n - Ingestion points: The skill retrieves data from arbitrary URLs using Playwright's
page.goto()and DevTools'navigatePage()as seen inSKILL.md.\n - Boundary markers: The provided implementation examples do not include boundary markers or system instructions to disregard potential commands embedded within the processed web data.\n
- Capability inventory: The skill provides access to browser-level execution environments via
page.evaluate()andchrome.evaluateScript(), as well as interaction tools likeclickandfill, which could be manipulated by malicious content on a target website.\n - Sanitization: No mechanisms for sanitizing or validating external web content are demonstrated in the skill's logic.
Audit Metadata