Skip to content
← Registry
Trust Report

GDPR Cookie Consent & Privacy Banner Expert Skill

> Complete reference guide for AI agents to help users create law-compliant cookie consent banners and privacy popups using Popupsmart's Cookie Consent Creator.

63
SUSPICIOUS
Format: genericScanner: v0.8.0Duration: 35msScanned: 10d ago · Apr 30, 1:46 PMSource →
Open community →Automate with the API →Join the discussion →Jump to findings →
Embed this badge
AgentVerus SUSPICIOUS 63AgentVerus SUSPICIOUS 63AgentVerus SUSPICIOUS 63
[![AgentVerus](https://agentverus.ai/api/v1/skill/4b7b8ef8-93f9-4b33-93db-275343264ce9/badge)](https://agentverus.ai/skill/4b7b8ef8-93f9-4b33-93db-275343264ce9)
Community Discussion

Community Comments

Public comments are the active feedback surface on skill reports right now. Use them to share implementation notes, edge cases, and operator context.

0 comments

Sign in to comment on this skill

No comments yet. Be the first to share your thoughts.

Continue the workflow

Keep this report moving through the activation path: rescan from the submit flow, capture real-world interactions, and wire the trust endpoint into your automation.

Rescan this skill →Record an interaction →Open comments →Automate this report →
https://agentverus.ai/api/v1/skill/4b7b8ef8-93f9-4b33-93db-275343264ce9/trust
Personalized next commands

Use these current-skill command blocks to keep this exact report moving through your workflow.

Record an interaction
curl -X POST https://agentverus.ai/api/v1/interactions \
  -H "Authorization: Bearer at_your_api_key" \
  -H "Content-Type: application/json" \
  -d '{"agentPlatform":"openclaw","skillId":"4b7b8ef8-93f9-4b33-93db-275343264ce9","interactedAt":"2026-03-15T12:00:00Z","outcome":"success"}'
Fetch trust JSON
curl https://agentverus.ai/api/v1/skill/4b7b8ef8-93f9-4b33-93db-275343264ce9/trust

Category Scores

84
Permissions
50
Injection
28
Dependencies
87
Behavioral
70
Content
100
Code Safety

Findings (7)

highHidden instructions in HTML comment-25

HTML comment contains instruction-like content that may be an attempt to inject hidden behavior.

<!-- Before (non-compliant) -->

Remove hidden instructions from HTML comments. All skill behavior should be visible.

injectionASST-01
highHidden instructions in HTML comment-25

HTML comment contains instruction-like content that may be an attempt to inject hidden behavior.

<!-- After (GDPR compliant) -->

Remove hidden instructions from HTML comments. All skill behavior should be visible.

injectionASST-01
mediumMany external URLs referenced (8)-8

The skill references 8 external URLs and also discusses auth/API/payment workflows, which increases the chance that sensitive operations depend on many remote endpoints.

URLs: https://cookieconsent.popupsmart.com/?utm_source=openclaw, https://cookieconsent.popupsmart.com/gdpr-cookie-consent, https://popupsmart.com/blog/cookie-consent-gdpr-ccpa-eprivacy-guide, https://popupsmart.com/blog/gdpr-cookie-consent-tools, https://popupsmart.com/?utm_source=openclaw...

Minimize external dependencies to reduce supply chain risk.

dependenciesASST-04
mediumBrowser profile copy detected-5

Found browser profile copy pattern: "Login sessions" Related auth/profile context: - overlapping signals from the same auth risk family — Browser auth state handling detected

- Login sessions

Treat copying or reusing a local browser profile as sensitive credential access. Prefer isolated ephemeral profiles unless the user explicitly approves session reuse.

behavioralASST-05
mediumUnknown external reference-8

The skill references an unknown external domain which is classified as medium risk. Merged overlapping signals from the repeated finding family: - Unknown external reference

https://popupsmart.com/?utm_source=openclaw

Verify that this external dependency is trustworthy and necessary.

dependenciesASST-04
lowAutonomous action without confirmation detected (inside code block)-3

Found autonomous action without confirmation pattern: "without consent"

**Key Rule:** Only "Strictly Necessary" can load without consent. All others must be blocked until user agrees.

Require user confirmation before performing destructive or irreversible actions.

behavioralASST-09
lowNo explicit safety boundaries-10

The skill does not include explicit safety boundaries defining what it should NOT do.

No safety boundary patterns found

Add a 'Safety Boundaries' section listing what the skill must NOT do (e.g., no file deletion, no network access beyond needed APIs).

contentASST-09