webmcp-declarative-forms

Pass

Audited by Gen Agent Trust Hub on Mar 19, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the agent to fetch documentation from https://webmachinelearning.github.io/webmcp/. This is a well-known technical site associated with the W3C Web Machine Learning Community Group and is considered a reputable source for specification data.
  • [INDIRECT_PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface due to the following factors:
  • Ingestion points: The agent is directed to fetch external documentation via WebFetch from webmachinelearning.github.io and perform WebSearch queries on Google/Chrome developer sites.
  • Boundary markers: The instructions do not specify explicit delimiters or 'ignore' commands to isolate external documentation content from the agent's primary instruction set.
  • Capability inventory: The skill allows the use of powerful tools including Bash, Write, and Edit, which could be targeted if fetched content contained malicious instructions.
  • Sanitization: There are no explicit requirements in the skill for the agent to sanitize or validate the content of the documentation before acting upon it.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 19, 2026, 07:32 AM
Security Audit — agent-trust-hub — webmcp-declarative-forms