information-search-knowledge-management
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [Prompt Injection] (LOW): Indirect Prompt Injection Surface detected. The skill's core functionality involves ingesting untrusted data from the internet which could contain malicious instructions.
- Ingestion points: The skill crawls authoritative tech media, community forums (Reddit, Hacker News, X/Twitter), and official documentation.
- Boundary markers: Absent. The instructions do not specify any delimiters or warnings to the agent to ignore instructions that might be embedded in the retrieved web content.
- Capability inventory: The skill utilizes network read capabilities (searching) and file write capabilities (saving to
_knowledge_base/directories). - Sanitization: Absent. There is no requirement or logic provided to sanitize or validate the content retrieved from external sources before processing or saving it.
- [No Code] (SAFE): The skill consists entirely of instructional markdown and does not include any executable scripts, binaries, or configuration files that could hide malicious logic.
Audit Metadata