webapp-testing

Pass

Audited by Gen Agent Trust Hub on Mar 30, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses subprocess.Popen within the with_server decorator to programmatically start the local development server using npm run dev. This is a standard practice for automated testing workflows to ensure the target environment is active.
  • [PROMPT_INJECTION]: The skill facilitates the ingestion of content from the web application being tested, which introduces an attack surface for indirect prompt injection if the tested application contains untrusted data.
    • Ingestion points: Page content, titles, and element text are read into the agent's context using methods like page.content(), page.title(), and .text_content() in SKILL.md.
    • Boundary markers: The instructions do not define boundary markers or delimiters for separating the ingested web content from the agent's core instructions.
    • Capability inventory: The skill possesses capabilities for command execution via subprocess.Popen, file writing via page.screenshot, and network navigation via page.goto.
    • Sanitization: There are no explicit sanitization or validation steps for the data retrieved from the web application before it is processed by the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 30, 2026, 01:20 AM