ziniao-workflow-store-patrol
Pass
Audited by Gen Agent Trust Hub on Jun 16, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill relies on the vendor-provided ziniao-cli tool to perform its stated tasks. All command executions and file system interactions, such as saving screenshots to the relative ./patrol/ directory, are consistent with the skill's described purpose of store patrolling.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface due to its capability to extract and process data from external websites. This is a functional requirement for its task. Ingestion points: Web content retrieved by ziniao-cli page extract and ziniao-cli page content as specified in SKILL.md. Boundary markers: Not present; the skill instructs the agent to process the external data directly into a summary table. Capability inventory: Includes local file writes for screenshots and browser automation via the vendor CLI. Sanitization: No explicit validation or filtering of the ingested web content is performed by the skill itself.
Audit Metadata