website-analysis
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it extracts and processes arbitrary content from user-provided external websites. * Ingestion points: Content is ingested from the web using
agent-browserand parsed for text, metadata, and structured data. * Boundary markers: The skill does not specify the use of delimiters or 'ignore' instructions to prevent the agent from obeying commands embedded in the crawled content. * Capability inventory: The agent can write various data files (TypeScript, JSON, Markdown) and capture screenshots. * Sanitization: No sanitization or validation of the extracted content is mentioned before it is processed or stored. - [EXTERNAL_DOWNLOADS]: The skill automatically downloads and stores assets from the target websites. * Evidence: Images and assets are downloaded to
public/images/andpublic/assets/respectively during the analysis process.
Audit Metadata