web-browser-review

Pass

Audited by Gen Agent Trust Hub on Mar 31, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION

Full Analysis
  • [COMMAND_EXECUTION]: The skill is designed to automatically execute developer scripts found within the project's package.json file (e.g., npm run dev, npm start) to initialize the target environment. Running arbitrary scripts defined in a project carries a risk if the project source code is untrusted.
  • [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection. It ingests data from external, potentially untrusted sources—specifically the content of the web application being reviewed and a local LESSONS.md file—to guide its actions.
    • Ingestion points: Web application content (retrieved via the /browse tool) and the LESSONS.md file.
    • Boundary markers: Absent. There are no instructions or delimiters provided to help the agent distinguish between data to be reviewed and potential instructions embedded within that data.
    • Capability inventory: The skill has significant capabilities, including Bash (shell command execution) and the ability to Read, Write, and Edit local project files.
    • Sanitization: Absent. The skill does not specify any validation or filtering of the content retrieved from the browser or lesson files before the agent uses it to determine and apply code fixes.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 31, 2026, 03:10 PM