test
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION] (SAFE): No instructions attempt to override agent safety protocols. While the skill mentions testing for vulnerabilities like XSS and SQL injection, these are framed as inputs for external application testing, not as payloads targeting the agent.
- [DATA_EXFILTRATION] (SAFE): No hardcoded credentials, sensitive file paths, or network operations were detected. Mentions of Stripe test card numbers are standard public testing data.
- [REMOTE_CODE_EXECUTION] (SAFE): No remote code execution patterns or script downloads are present. Tools like Gremlins.js are mentioned for reference only.
- [COMMAND_EXECUTION] (SAFE): The skill contains no system command execution. A small JavaScript snippet is provided for browser console use during manual testing, which is benign in this context.
- [EXTERNAL_DOWNLOADS] (SAFE): No external dependencies are fetched or installed during skill usage.
Audit Metadata