web-quality-skill
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill includes a bash script
scripts/analyze.shthat utilizesfindandgrepto perform static analysis on local HTML files. This is a localized helper tool used for the skill's primary auditing purpose.\n- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because it ingests and processes data from untrusted local files.\n - Ingestion points: The
scripts/analyze.shscript iterates through user-provided directories and reads the content of all contained HTML files.\n - Boundary markers: The output of the analysis script does not include delimiters or specific instructions to help the agent distinguish between valid audit results and potentially malicious instructions embedded in the analyzed files.\n
- Capability inventory: The skill possesses the capability to read from the local file system and execute shell commands through its provided script.\n
- Sanitization: No sanitization or escaping is performed on the data extracted from the HTML files (including filenames) before it is returned to the agent context in JSON format, which could also lead to schema confusion if filenames contain special characters like double quotes.
Audit Metadata