review-design

Pass

Audited by Gen Agent Trust Hub on Jun 25, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: Uses agent-browser to interact with live websites, taking screenshots and capturing accessibility trees for analysis. It also utilizes git and the GitHub CLI (gh) to scope audits to specific commits or pull requests.
  • [EXTERNAL_DOWNLOADS]: Recommends the installation of the agent-browser package from the official NPM registry if the tool is not detected on the system. This is an instructional step for the user rather than an automated execution of remote code.
  • [SAFE]: The skill processes external content from URLs and source code files. While this creates a surface for indirect prompt injection, the skill's logic is limited to generating a report. It does not perform sensitive operations that could be exploited by malicious content within the audited data.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 25, 2026, 05:47 PM
Security Audit — agent-trust-hub — review-design