browser-qa
Pass
Audited by Gen Agent Trust Hub on May 19, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill outlines procedures for interacting with external web content, which presents a surface for indirect prompt injection where instructions on a target website could attempt to hijack the agent's flow.
- Ingestion points: Content is ingested from target URLs provided to the agent for testing (SKILL.md).
- Boundary markers: Not present; the skill does not specify delimiters to isolate web content from agent instructions.
- Capability inventory: The skill uses browser tools for navigation, element interaction, and form submission (SKILL.md).
- Sanitization: No sanitization or filtering of remote content is documented.
- [SAFE]: The skill follows best practices for describing a QA workflow. It uses legitimate MCP tool references for browser automation and does not attempt to access sensitive local files or execute unauthorized commands.
Audit Metadata