triage

Pass

Audited by Gen Agent Trust Hub on May 5, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes npx shiplight test to run the test suite and verify fixes. This is the intended primary function of the tool for test reproduction and verification.
  • [PROMPT_INJECTION]: The skill possesses an attack surface for indirect prompt injection as it ingests untrusted data from the application under test, including DOM structures via inspect_page, browser console logs, and network logs. This content could theoretically contain instructions designed to influence the agent's diagnosis or the YAML fixes it generates.
    • Ingestion points: Browser session data (DOM, logs, network) accessed in Phase 3.
    • Boundary markers: None explicitly defined in the instructions for ingested web content.
    • Capability inventory: Shell execution (npx shiplight), browser interaction (act), and file writes (modifying .test.yaml files).
    • Sanitization: Not specified; the agent relies on its internal logic to interpret the UI state.
  • [SAFE]: The skill's file-writing operations are restricted to updating existing YAML test files and generating markdown/HTML reports in a local directory (shiplight-report/), which is standard behavior for testing tools.
Audit Metadata
Risk Level: SAFE
Analyzed: May 5, 2026, 05:43 PM