Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted Reddit data which introduces a surface for indirect prompt injection where malicious content on Reddit could attempt to influence the agent's behavior.
  - Ingestion points: `camofox snapshot` and `camofox get-links` in `SKILL.md` capture external content from reddit.com and old.reddit.com.
  - Boundary markers: None. The skill does not instruct the agent to ignore instructions embedded in the snapshots or page content.
  - Capability inventory: High-privilege browser control, session management, and JavaScript evaluation (`camofox eval`).
  - Sanitization: None identified; content is processed directly for navigation and interaction.
- [DYNAMIC_EXECUTION]: The skill uses `camofox eval` to execute hardcoded JavaScript strings within the browser context. This is used to bypass automation detection and errors when interacting with Reddit's UI.
- [COMMAND_EXECUTION]: The skill requires execution of the `camofox` CLI via the Bash tool to perform all browser operations and session management.
- [EXTERNAL_DOWNLOADS]: The skill recommends the installation of the `camofox-browser` NPM package, which is a tool provided by the author (redf0x1) for browser automation.
Audit Metadata