competitor-visual
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface through the analysis of external web content.\n
- Ingestion points: External competitor websites are accessed via browser_navigate as defined in Step 2 of the process.\n
- Boundary markers: The instructions lack explicit delimiters or guidance to ignore embedded instructions within the fetched website content.\n
- Capability inventory: The agent can write findings to competitive-intel.md and research-log.md, and save image files to the local directory research-skills/screenshots/.\n
- Sanitization: There is no evidence of sanitization or filtering of CSS properties or other data extracted from target websites before processing.\n- [COMMAND_EXECUTION]: The skill uses Playwright automation tools (browser_navigate, browser_evaluate, browser_click, browser_resize) to programmatically interact with and extract metadata from websites. This behavior is aligned with the stated objective of design analysis.
Audit Metadata