seatmaps
Pass
Audited by Gen Agent Trust Hub on May 1, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
agent-browserutility from the public npm registry. - [COMMAND_EXECUTION]: The skill utilizes the
agent-browserCLI to perform web automation tasks, such as navigating to specific URLs, filling search forms, and capturing snapshots of external content. These operations are explicitly scoped within theallowed-toolssection of the manifest. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its core function of fetching and processing content from external websites.
- Ingestion points: Data is ingested from
seatmaps.comandaerolopa.comvia theagent-browser snapshot -ccommand inSKILL.md. - Boundary markers: The instructions do not define delimiters or provide specific warnings to the agent to disregard potential instructions or malicious patterns found within the fetched web content.
- Capability inventory: The skill is authorized to use
agent-browserfor browser automation, which includes interacting with forms and extracting page content. - Sanitization: There is no evidence of data sanitization or validation being performed on the content retrieved from external sources before it is interpreted by the agent.
Audit Metadata