dogfood
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: Vulnerability to indirect prompt injection from external web content. The skill utilizes
agent-browser snapshotandagent-browser consoleto ingest data from user-specified target URLs. There are no defined boundary markers or instructions to isolate the website's content from the agent's internal logic, making it possible for a malicious site to influence the agent's behavior or trigger unintended actions. - [COMMAND_EXECUTION]: The skill uses shell commands (
mkdir,cp,agent-browser) to manage the testing environment and report generation. While these commands are necessary for the skill's stated purpose, they provide a capability that could be abused if the agent's instructions are overridden by content encountered during the testing process.
Audit Metadata