elite-audit
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill is designed to audit external web implementations, creating a surface for indirect prompt injection.\n
- Ingestion points: The agent analyzes code or live sites ("web implementations") as part of its primary audit function in
SKILL.md.\n - Boundary markers: No specific delimiters or safety instructions are provided to help the agent distinguish between its audit rules and potentially malicious instructions embedded in the audited content.\n
- Capability inventory: The agent is empowered to execute CLI tools (Lighthouse, etc.) and invoke subsequent remediation skills (e.g.,
elite-accessibility) based on the audit results.\n - Sanitization: The skill does not specify procedures for sanitizing external data before processing.\n- [EXTERNAL_DOWNLOADS]: The skill recommends using well-known developer tools and performance testing services.\n
- Evidence: References to
npx lighthouse,npx unlighthouse,npx vite-bundle-visualizer, andnpx source-map-explorerinSKILL.md.\n - Evidence: References to industry-standard services such as WebAIM, BrowserStack, and WebPageTest.\n- [NO_CODE]: This skill contains no executable scripts. It is composed entirely of Markdown documentation and reference files (e.g.,
critical-rules.md,pre-launch-checklist.md) used to guide the agent's behavior.
Audit Metadata