skills/beneathatree/skills/mock/Gen Agent Trust Hub

mock

Pass

Audited by Gen Agent Trust Hub on May 17, 2026

Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by treating external documentation as "non-negotiable ground truth."
      • Ingestion points: Reads DESIGN.md and PRODUCT.md from the project root directory.
      • Boundary markers: None identified; instructions command the agent to read the files "fully" and follow "every token."
      • Capability inventory: The skill has the ability to write HTML files to the local filesystem (in mocks/ and accepted/ directories) and execute browser automation commands.
      • Sanitization: The skill lacks explicit sanitization or instructions to ignore potential directives embedded within the grounding files.
  • [COMMAND_EXECUTION]: The skill performs shell-based operations to automate design reviews.
      • Command logic: Executes agent-browser for resizing, screenshotting, and capturing snapshots of generated HTML files.
      • System Interaction: Uses shell redirection (>) to save browser snapshots to disk.
Audit Metadata
Risk Level: SAFE
Analyzed: May 17, 2026, 01:10 PM