design-iterator
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes
agent-browserCLI commands to automate browser tasks such as opening URLs, taking screenshots, and scrolling elements into view. - [EXTERNAL_DOWNLOADS]: The skill is designed to navigate to external websites for competitor research, which functions as an ingestion point for untrusted external data.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface. Ingestion points: External URLs visited during research and local code files read for analysis. Boundary markers: No specific delimiters or instructions are used to isolate content from instructions. Capability inventory: The skill can read and modify files and navigate the web. Sanitization: There is no evidence of sanitization or validation of the content being analyzed.
Audit Metadata