Skills
skills/team2027/skills/ui-test/Gen Agent Trust Hub

ui-test

Pass

Audited by Gen Agent Trust Hub on May 19, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: Utilizes the Bash tool to perform system operations including directory creation, git diff analysis, branch checkouts, and project dependency installation (npm install, yarn install). It also controls browser sessions via the browse CLI.- [EXTERNAL_DOWNLOADS]: Fetches the axe-core accessibility testing library from cdnjs.cloudflare.com (a well-known CDN) to conduct automated audits.- [REMOTE_CODE_EXECUTION]: Executes JavaScript snippets within the browser context using browse eval to verify page state, extract performance metrics, and perform accessibility audits.- [PROMPT_INJECTION]: Susceptible to indirect prompt injection (Category 8) due to its core functionality of processing untrusted web content and code diffs.
  • Ingestion points: Browser accessibility trees and page snapshots (SKILL.md), git diff output (SKILL.md).
  • Boundary markers: None applied to ingested page content; uses structured STEP_PASS and STEP_FAIL markers for output reporting.
  • Capability inventory: Full shell access via Bash tool and agent delegation via Agent tool.
  • Sanitization: No sanitization of processed external data before interpolation into prompts.
Audit Metadata
Risk Level
SAFE
Analyzed
May 19, 2026, 02:05 AM
Security Audit — agent-trust-hub — ui-test