skills/ziniao-open/skills/ziniao-page/Gen Agent Trust Hub

ziniao-page

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFEREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill provides the ability to execute arbitrary JavaScript within the browser context via the page exec command and the exec step in the automation run workflow. This is a functional requirement for advanced browser automation.
  • [COMMAND_EXECUTION]: The utility download command enables the agent to write specified content to the local filesystem (specifically the downloads directory) using the --content and --filename flags.
  • [PROMPT_INJECTION]: The skill facilitates the ingestion of untrusted data from external websites via page content and page extract commands, creating an indirect prompt injection surface.
  • Ingestion points: Untrusted data enters the agent context through page content extraction in SKILL.md and related references.
  • Boundary markers: No explicit instructions are provided to the agent to treat extracted web content as untrusted or to isolate it with delimiters.
  • Capability inventory: The skill includes navigation, interaction, script execution (page exec), and file writing (utility download).
  • Sanitization: No validation or sanitization of external content is mentioned before processing.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 12:44 AM