redfin-real-estate
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- PROMPT_INJECTION (LOW): The skill is vulnerable to indirect prompt injection as it processes data from an external website. \n- Ingestion points: Data scraped from Redfin.com listings via Selenium. \n- Boundary markers: No delimiters or safety instructions are used to distinguish between property data and potential malicious commands. \n- Capability inventory: Local command execution and web browser automation. \n- Sanitization: No content sanitization is described in the documentation. \n- EXTERNAL_DOWNLOADS (LOW): Installation of standard Python packages is required, including
webdriver-managerwhich downloads executable browser drivers from trusted repositories (Google/GitHub). \n- COMMAND_EXECUTION (SAFE): The skill correctly uses local script execution for its primary purpose.
Audit Metadata