content-script-developer
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): The skill contains instructional content for developers and does not include any commands to bypass safety filters or override agent behavior.
- Data Exposure & Exfiltration (SAFE): No hardcoded credentials, sensitive file paths, or unauthorized network operations were found. The skill explicitly recommends storing sensitive data in secure extension storage rather than the DOM.
- Unverifiable Dependencies & Remote Code Execution (SAFE): The skill does not download external scripts or packages. All code provided consists of static snippets for local implementation.
- Obfuscation (SAFE): No encoded strings, hidden characters, or homoglyphs were detected in the instructions or code samples.
- Indirect Prompt Injection (LOW): While the skill assists in building tools that interact with third-party web pages (an inherent attack surface), it provides best-practice guidance such as using isolated worlds and throttled observers to maintain safety and performance. There are no patterns that would cause the agent itself to be compromised by processed data.
Audit Metadata