guidewright-review
Pass
Audited by Gen Agent Trust Hub on Jun 22, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill implements security best practices by explicitly instructing the agent to avoid reading sensitive local files like .env for credentials, instead directing the agent to request them from the user.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface because it executes actions in a browser based on external documentation content. 1. Ingestion points: Document repositories, pull requests, and raw text input (SKILL.md). 2. Boundary markers: Absent. 3. Capability inventory: Navigation and UI interaction via chrome-devtools-mcp tools (SKILL.md). 4. Sanitization: Absent.
Audit Metadata