review-ui

Pass

Audited by Gen Agent Trust Hub on Mar 6, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes the agent-browser CLI tool to perform automated UI testing and scenario validation on provided URLs.
  • [EXTERNAL_DOWNLOADS]: The skill references an installation process that downloads the agent-browser package from the NPM registry and subsequently downloads the Chromium browser. The process correctly utilizes the AskQuestion tool to seek explicit user consent before performing any installations.
  • [PROMPT_INJECTION]: The skill is subject to indirect prompt injection risks. It ingests untrusted data by browsing external URLs provided by the user. If a reviewed website contains malicious instructions (e.g., hidden in HTML comments or page text), the agent might attempt to follow those instructions instead of its original goal. The skill lacks explicit boundary markers or sanitization logic to mitigate this runtime risk.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 6, 2026, 02:02 PM