browser-screenshot-diff

Pass

Audited by Gen Agent Trust Hub on May 4, 2026

Risk Level: SAFE · EXTERNAL_DOWNLOADS · COMMAND_EXECUTION · PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill uses npx to download and run the ruvector@0.2.25 package from the NPM registry. This package is an official resource provided by the vendor for managing session containers.
  • [COMMAND_EXECUTION]: The skill executes shell commands via Bash to interact with the local filesystem and run the ruvector status checks.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection attack surface (Category 8) due to its processing of untrusted session data.
      • Ingestion points: The agent reads external data from trajectory.ndjson and browser accessibility snapshots.
      • Boundary markers: There are no explicit delimiters or boundary markers specified to isolate the session data from the agent's core instructions.
      • Capability inventory: The skill has access to powerful tools including Bash, file Write operations, and browser_eval for code execution.
      • Sanitization: No mechanisms for sanitizing or validating the contents of the session trajectory are implemented.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 4, 2026, 09:12 PM