popup-cro
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWNO_CODE
Full Analysis
- [NO_CODE] (INFO): This skill is entirely instructional and written in Markdown. It does not contain any scripts, executable commands, or logic for the agent to run code, which removes the risk of RCE or command injection.
- [PROMPT_INJECTION] (SAFE): No patterns of instruction override, jailbreak attempts, or system prompt extraction were found. The 'expert' persona is used for task-specific guidance only.
- [DATA_EXPOSURE] (SAFE): The skill does not request or access sensitive local files, environmental variables, or hardcoded credentials.
- [INDIRECT_PROMPT_INJECTION] (LOW): While the skill involves processing user-provided descriptions of website behavior (an ingestion point), the agent has no capabilities (network, file-write, or subprocess execution) to perform harmful actions even if the input contained malicious instructions.
- [EXTERNAL_DOWNLOADS] (SAFE): No remote resources or external dependencies are referenced or downloaded.
Audit Metadata