test-site
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- Local Script Execution: The skill runs specific Node.js scripts residing in the plugin's internal directory to check for version updates and verify site activation status. These operations are restricted to internal maintenance and configuration checks.
- Web Content Interaction: This tool interacts with external websites by taking snapshots and reading console logs to verify page integrity. While this introduces external data into the agent's context, the logic is strictly focused on identifying error codes and navigation links for testing purposes.
- Delegated Authentication: The skill is designed to avoid handling sensitive credentials. It identifies when a site requires login and instructs the user to perform authentication manually within the browser, ensuring that the agent remains outside the security boundary for credentials.
Audit Metadata