web-research
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: This skill is susceptible to indirect prompt injection because it processes content from untrusted external websites, which could contain malicious instructions designed to influence the agent's behavior. Ingestion points: Content extracted from third-party websites during the research process (SKILL.md). Boundary markers: None explicitly defined to separate untrusted web content from agent instructions. Capability inventory: Browser automation for navigation and reading web pages (SKILL.md). Sanitization: No sanitization or validation methods for external content are described.
- [NO_CODE]: The skill consists entirely of documentation and metadata without any accompanying executable scripts or dependency files.
Audit Metadata