news-summary

Pass

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it retrieves and processes arbitrary text from external websites.
      • Ingestion points: The webFetch tool (referenced in the workflow) retrieves content from external URLs provided by the user.
      • Boundary markers: The prompt lacks explicit delimiters or instructions to the agent to disregard any commands or directives found within the fetched article content.
      • Capability inventory: The skill utilizes the webFetch capability to ingest data from the web.
      • Sanitization: There is no evidence of input validation or sanitization to filter out potentially malicious prompt overrides embedded in the news text.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 27, 2026, 12:13 PM