Skills
skills/affitor/affiliate-skills/purple-cow-audit/Gen Agent Trust Hub

purple-cow-audit

Pass

Audited by Gen Agent Trust Hub on Mar 20, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted data from external websites and user-provided inputs, creating a surface for indirect prompt injection.
  • Ingestion points: External data is ingested via web_search for product reviews, competitors, and complaints, as well as the product input object containing a url and description (SKILL.md).
  • Boundary markers: The instructions do not specify the use of delimiters or 'ignore embedded instructions' warnings when processing or summarizing external data.
  • Capability inventory: The skill utilizes web_search for research. It does not have capabilities for file system modification, command execution, or arbitrary network requests.
  • Sanitization: No specific sanitization or validation logic is described for the content retrieved from external sources.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 20, 2026, 07:33 AM