brand-onboarding
Pass
Audited by Gen Agent Trust Hub on Mar 31, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: Employs Playwright to automate web browsing, capture screenshots, and read page content from user-provided URLs and Instagram handles.
- [EXTERNAL_DOWNLOADS]: Fetches data and images from external websites and Instagram profiles, saving them to the local assets/ and context/ directories.
- [PROMPT_INJECTION]: Susceptible to indirect prompt injection as it processes untrusted content from the web. * Ingestion points: Website homepage, about pages, and Instagram profiles accessed via Playwright (SKILL.md). * Boundary markers: Absent. * Capability inventory: File system writes to create directories and save images, screenshots, and markdown documentation (SKILL.md). * Sanitization: Absent. No validation or filtering of extracted web content is specified.
Audit Metadata