hydration-guardian
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Prompt Injection (LOW): Surface for indirect injection via browser interaction. • Ingestion points: Browser DOM and console logs during Sensory Verification Protocol (SKILL.md). • Boundary markers: Absent; the agent is not instructed to disregard instructions found in the audited page. • Capability inventory: Browser navigation and script execution via browser-use. • Sanitization: No sanitization of ingested console messages or DOM text before processing.
- Dynamic Execution (LOW): Simple JavaScript templates are generated for execution in the browser environment. • Evidence: auditHydration script in SKILL.md and Flash Detector script in references/1-sensory-validation.md.
Audit Metadata