visual-verify-ui

Pass

Audited by Gen Agent Trust Hub on Mar 27, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes content from external URLs, which could contain malicious instructions.
    • Ingestion points: The 'test ' argument allows the agent to navigate to and process content from any web address (SKILL.md).
    • Boundary markers: There are no explicit instructions or delimiters telling the agent to ignore instructions found within the target website's content.
    • Capability inventory: The skill uses the 'Browser' tool and has access to the 'Bash' and 'Read' tools, providing a surface for following injected instructions (SKILL.md).
    • Sanitization: The skill does not describe any mechanism to sanitize or validate the content retrieved from the target URL before it is returned to the main protocol loop.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 27, 2026, 06:19 AM