resilience-review
Pass
Audited by Gen Agent Trust Hub on Apr 19, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's logic is consistent with its stated purpose of resilience testing and fault injection. No obfuscation, credential theft, or malicious commands were detected.
- [COMMAND_EXECUTION]: The skill uses browser automation and code blocks to simulate API failures and network timeouts. These operations are essential for verifying application error handling and are scoped to the testing process.
- [PROMPT_INJECTION]: The skill analyzes data from external web applications, which creates a surface for indirect prompt injection.
- Ingestion points: Target application DOM, browser console logs, and intercepted API response bodies.
- Boundary markers: No explicit delimiters are used to separate application content from agent instructions.
- Capability inventory: Browser interaction (new_session, page.route), file system access for reports (shiplight/ directory), and console log retrieval.
- Sanitization: No explicit sanitization or filtering of application content is performed before processing.
Audit Metadata