Skills
skills/arinhubcom/arinhub/ah-fix-dom-flash/Gen Agent Trust Hub

ah-fix-dom-flash

Pass

Audited by Gen Agent Trust Hub on Mar 25, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted content from the active web page during its analysis phase, exposing the agent to potential indirect prompt injection.
  • Ingestion points: The skill reads element text and metadata from the browser using mcp__chrome-devtools__evaluate_script and mcp__chrome-devtools__take_snapshot in SKILL.md.
  • Boundary markers: No specific delimiters or instructions are used to isolate page-derived text from the agent's internal logic, increasing the risk of the agent obeying instructions embedded in the webpage.
  • Capability inventory: The skill possesses the ability to navigate to arbitrary URLs, evaluate arbitrary JavaScript in the browser context, and perform UI interactions like clicking and dragging.
  • Sanitization: While element text is truncated to 60 characters for display, it is not sanitized to detect or prevent malicious instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 25, 2026, 09:51 AM