ziniao-workflow-store-patrol

Pass

Audited by Gen Agent Trust Hub on Jun 16, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill relies on the vendor-provided ziniao-cli tool to perform its stated tasks. All command executions and file system interactions, such as saving screenshots to the relative ./patrol/ directory, are consistent with the skill's described purpose of store patrolling.
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface due to its capability to extract and process data from external websites. This is a functional requirement for its task. Ingestion points: Web content retrieved by ziniao-cli page extract and ziniao-cli page content as specified in SKILL.md. Boundary markers: Not present; the skill instructs the agent to process the external data directly into a summary table. Capability inventory: Includes local file writes for screenshots and browser automation via the vendor CLI. Sanitization: No explicit validation or filtering of the ingested web content is performed by the skill itself.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 16, 2026, 03:31 AM