Skills
skills/arinhubcom/arinhub-dev-skills/ah-fix-dom-flash/Gen Agent Trust Hub

ah-fix-dom-flash

Pass

Audited by Gen Agent Trust Hub on Mar 27, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads and processes untrusted data from external web pages.\n
  • Ingestion points: scripts/flash-detector.js and scripts/lingering-fixed-elements.js collect textContent, data attributes, and CSS styles from elements on the page.\n
  • Boundary markers: There are no explicit delimiters or instructions to the agent to treat the collected DOM data as untrusted content.\n
  • Capability inventory: The skill has access to the chrome-devtools-cli toolset, allowing it to navigate the browser, evaluate scripts, and interact with page elements.\n
  • Sanitization: No sanitization or filtering is applied to the data collected from the page before it is presented to the agent.\n- [COMMAND_EXECUTION]: The skill uses dynamic execution to run its diagnostic logic within the browser context.\n
  • Evidence: The procedure in SKILL.md directs the agent to use chrome-devtools evaluate_script to execute the contents of the local scripts/ directory, such as flash-detector.js and collect-flash-results.js.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 27, 2026, 01:36 AM