evaluate-landing-page

Pass

Audited by Gen Agent Trust Hub on Jul 4, 2026

Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [DATA_EXFILTRATION]: The skill performs telemetry and authentication by interacting with an external API at api.forsvn.com.
  • Evidence found in scripts/lib/hosted-api.ts and scripts/forsvn-hosted.ts.
  • The scripts read an API key from ~/.config/forsvn/credentials.json or ~/.config/forsvn/api-key and transmit it as a Bearer token.
  • The skill also sends performance metrics (platform, what_worked, what_failed, and numerical data) to the /v1/metrics endpoint.
  • This behavior is consistent with the vendor's 'Pro' features and targets a domain associated with the skill's identity, representing a low-risk telemetry pattern.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it processes untrusted data from external analytics sources.
  • Ingestion points: The Metric Ingest Agent (in agents/metric-ingest-agent.md) and Diagnosis Agent (in agents/diagnosis-agent.md) ingest 'analytics exports', 'experiment reports', and 'user behavior evidence' such as recording/heatmap summaries.
  • Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the agent prompts when handling this external data.
  • Capability inventory: The skill possesses significant capabilities, including Write, Edit, and Bash access as defined in the allowed-tools section of SKILL.md.
  • Sanitization: There is no evidence of sanitization or filtering of the ingested analytics content before it is processed by the sub-agents.
  • A malicious actor could potentially embed instructions within analytics logs or behavioral data to influence agent behavior.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 4, 2026, 10:16 PM
Security Audit — agent-trust-hub — evaluate-landing-page