skills/adobe/skills/page-collect/Gen Agent Trust Hub

page-collect

Pass

Audited by Gen Agent Trust Hub on Jul 7, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because its primary function is to ingest untrusted data from external websites.
  • Ingestion points: The page-collect-bundle.js script extracts document.title, metadata tags, and visible body text from arbitrary URLs.
  • Boundary markers: Extracted data is written to structured JSON files (metadata.json, text.json), but the individual string values within these files are raw and do not contain internal delimiters or 'ignore' instructions.
  • Capability inventory: The skill can execute shell commands via playwright-cli and write files to the local filesystem using node:fs (found in scripts/page-collect.js).
  • Sanitization: The icon collector performs regex-based optimization on SVG content, but general text and metadata extraction does not perform sanitization of the scraped content. The skill provides an 'External content warning' in the documentation.
  • [COMMAND_EXECUTION]: The skill executes the playwright-cli tool to interact with the browser and perform extraction.
  • Evidence: spawnSync('playwright-cli', ...) is used in scripts/page-collect.js to open target URLs and run extraction logic. The skill supports both http(s):// and file:// protocols, the latter allowing the tool to be used for auditing local files.
  • [EXTERNAL_DOWNLOADS]: The browser-side bundle performs network requests to resolve remote assets.
  • Evidence: The resolveImgSvg function in scripts/page-collect-bundle.js uses the browser's fetch() API to download SVG image data from external sources during the icon collection process.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 7, 2026, 09:02 AM
Security Audit — agent-trust-hub — page-collect