evaluate-landing-page
Pass
Audited by Gen Agent Trust Hub on Jul 4, 2026
Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: The skill performs telemetry and authentication by interacting with an external API at
api.forsvn.com. - Evidence found in
scripts/lib/hosted-api.tsandscripts/forsvn-hosted.ts. - The scripts read an API key from
~/.config/forsvn/credentials.jsonor~/.config/forsvn/api-keyand transmit it as a Bearer token. - The skill also sends performance metrics (
platform,what_worked,what_failed, and numerical data) to the/v1/metricsendpoint. - This behavior is consistent with the vendor's 'Pro' features and targets a domain associated with the skill's identity, representing a low-risk telemetry pattern.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it processes untrusted data from external analytics sources.
- Ingestion points: The
Metric Ingest Agent(inagents/metric-ingest-agent.md) andDiagnosis Agent(inagents/diagnosis-agent.md) ingest 'analytics exports', 'experiment reports', and 'user behavior evidence' such as recording/heatmap summaries. - Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the agent prompts when handling this external data.
- Capability inventory: The skill possesses significant capabilities, including
Write,Edit, andBashaccess as defined in theallowed-toolssection ofSKILL.md. - Sanitization: There is no evidence of sanitization or filtering of the ingested analytics content before it is processed by the sub-agents.
- A malicious actor could potentially embed instructions within analytics logs or behavioral data to influence agent behavior.
Audit Metadata