Skills
skills/serkan-ozal/browser-devtools-skills/visual-testing/Gen Agent Trust Hub

visual-testing

Pass

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes bash commands through the browser-devtools-cli tool to perform browser automation tasks, such as navigating to web pages, capturing screenshots, and extracting DOM structures.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its inherent function of ingesting data from untrusted external websites.
  • Ingestion points: External data enters the agent's context through tools that retrieve content from URLs, specifically the navigation go-to, get-as-html, and get-as-text operations defined in SKILL.md.
  • Boundary markers: The instructions do not define delimiters or provide specific prompts to the agent to disregard potential instructions embedded within the retrieved HTML or text content.
  • Capability inventory: The agent possesses capabilities to manipulate browser sessions, capture screen data, and interact with the Figma API through the provided CLI.
  • Sanitization: There are no specified mechanisms for filtering or sanitizing the content obtained from remote web sources before it is processed.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 27, 2026, 03:43 AM