web-quality-audit

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill metadata identifies 'addyosmani' as the author, whereas the provided author context is 'thoreinstein'. This inconsistency in authorship metadata can be misleading regarding the skill's origin.
  • [COMMAND_EXECUTION]: The scripts/analyze.sh script is vulnerable to argument injection. It passes the $file variable directly to grep without using the -- delimiter. An attacker could use filenames starting with hyphens to inject flags into the grep command, potentially allowing the reading of unauthorized local files.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted HTML files.
    • Ingestion points: The scripts/analyze.sh script reads and analyzes the content of HTML files provided as input.
    • Boundary markers: While audit results are structured as JSON, the agent's subsequent processing of the content lacks explicit delimiters to ignore embedded instructions.
    • Capability inventory: The skill utilizes shell commands (grep, find) to inspect local files and report findings to the agent.
    • Sanitization: No sanitization is performed on the content read from the audited files before it is processed or presented to the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 1, 2026, 04:28 PM