icon-retrieval
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE DATA_EXFILTRATION PROMPT_INJECTION
Full Analysis
- [Data Exposure & Exfiltration] (LOW): The script `scripts/search.js` performs network operations using `fetch()` to access the non-whitelisted domain `www.weavefox.cn` and follows arbitrary URLs returned by that API. While no sensitive local data is targeted, these outbound connections are noted.
- [Indirect Prompt Injection] (LOW): The skill ingests untrusted content from an external service, which could potentially contain malicious instructions embedded in SVG metadata or comments.
- Ingestion points: `scripts/search.js` fetches data from the Weavefox API and subsequent icon URLs.
- Boundary markers: Absent; the raw SVG content is returned to the agent without delimiters or warnings.
- Capability inventory: The skill is restricted to read operations and console output; it lacks the ability to write files or execute system commands.
- Sanitization: Absent; the script does not sanitize or filter the content retrieved from remote URLs.
Audit Metadata