competitor-spy
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection due to its core functionality of ingesting and analyzing untrusted external data.
- Ingestion points: The skill actively retrieves content from external competitor websites using 'web_fetch' and processes search engine results from 'web_search' (File: SKILL.md).
- Boundary markers: The instructions lack explicit boundary markers or directions for the agent to ignore potentially malicious commands or instructions that might be embedded within the retrieved website content.
- Capability inventory: The skill's capabilities are focused on information retrieval and analysis via 'web_fetch' and 'web_search'. It does not contain instructions for dangerous operations such as arbitrary command execution, file system modification, or persistent network connections to untrusted domains (File: SKILL.md).
- Sanitization: There is no evidence of content sanitization or validation protocols to filter out potentially harmful instructions from the external data before it is processed by the agent.
Audit Metadata