glmv-web-replication

Pass

Audited by Gen Agent Trust Hub on May 11, 2026

Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill creates a surface for indirect prompt injection as it processes untrusted data from external websites.
    • Ingestion points: HTML, text, and element metadata retrieved from target URLs via agent-browser as described in SKILL.md.
    • Boundary markers: No explicit delimiters or instructions are used to separate scraped content from agent instructions.
    • Capability inventory: The skill uses the Bash tool and browser automation capabilities.
    • Sanitization: No evidence of sanitization or filtering of the scraped content is present.
  • [COMMAND_EXECUTION]: The skill utilizes shell commands through the Bash tool to create local directories for the website blueprint and to download assets.
  • [EXTERNAL_DOWNLOADS]: The skill is configured to download various file types (images, videos, fonts) from user-specified target websites during the documentation phase.
  • [SAFE]: The skill includes positive security features such as a mandatory user confirmation step for legal authorization and explicit instructions to avoid scraping behind authentication walls or collecting personal data.
Audit Metadata
Risk Level: SAFE
Analyzed: May 11, 2026, 04:13 AM
Security Audit — agent-trust-hub — glmv-web-replication