blog-strategy
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection through its competitive analysis workflow.
- Ingestion points: The skill instructions direct the agent to use
WebSearchandWebFetchto analyze competitor blog content and AI-generated responses (Step 2). - Boundary markers: The prompt lacks explicit boundary markers or instructions to isolate external data from system instructions, creating a risk that malicious content on a scanned website could be interpreted as agent commands.
- Capability inventory: The skill is configured with broad permissions, including access to
Bash,Write, andTasktools, which increases the potential impact of a successful injection. - Sanitization: There is no evidence of sanitization or validation of the content retrieved from external URLs before it enters the agent's context.
Audit Metadata