search-specialist
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill is designed to ingest and process content from external web sources as part of its 'WebFetch' and 'search specialist' workflows. This creates an attack surface for indirect prompt injection, where malicious instructions hidden in a website could attempt to hijack the agent's behavior during information synthesis.
- Ingestion points: External web content, search results, and citation trails (SKILL.md).
- Boundary markers: The skill does not define specific delimiters or instructions to ignore embedded commands within retrieved data.
- Capability inventory: Web content extraction, parsing, and data synthesis.
- Sanitization: There are no explicit steps provided for sanitizing or validating the safety of content retrieved from the web.
- [NO_CODE]: This skill consists solely of markdown instructions and does not include any executable scripts, package dependencies, or direct command-line executions.
Audit Metadata