blog-brief
Pass
Audited by Gen Agent Trust Hub on May 2, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its reliance on external web data.
- Ingestion points: Untrusted data enters the agent context through competitive analysis (Step 3) and statistics research (Step 4), where the agent searches for and reads content from external websites.
- Boundary markers: The instructions do not define boundary markers or delimiters to help the agent distinguish between search data and its own instructions, nor is there a warning to ignore instructions embedded in retrieved data.
- Capability inventory: The skill has the capability to write the resulting brief to a local file in the
briefs/directory. - Sanitization: There are no instructions for the agent to sanitize, escape, or validate the content retrieved from the web before processing it into the final output.
Audit Metadata