web-js-reverse-master-flow
Pass
Audited by Gen Agent Trust Hub on Apr 18, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exposes a surface for indirect prompt injection because it is designed to analyze and process data from external, untrusted web pages and JavaScript code.
  - Ingestion points: The skill takes a URL, target request data, cookies, and messages from external websites as primary inputs in the 'Input Block' section.
  - Boundary markers: The agent is given no explicit instructions or delimiters for distinguishing its own operational instructions from potentially malicious instructions embedded in the target website's code or responses.
  - Capability inventory: The agent is authorized to use multiple MCPs (chrome-devtools-mcp, js-reverse, jshook) that allow it to execute commands, interact with live browser sessions, and write analysis records to the local file system (e.g., in the 'reverse-records/' directory).
  - Sanitization: The instructions do not define any sanitization or validation protocols for the external content before it is processed by the agent or stored in records.