anygen-deep-research
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection because it ingests untrusted data from external sources and has the capability to influence agent behavior through these inputs.\n
- Ingestion points: User-provided reference files uploaded via
scripts/anygen.py uploadand requirement analysis responses received from theprepareendpoint inscripts/anygen.py.\n - Boundary markers: Absent; external content is processed and presented to the agent without delimiters or instructions to ignore embedded commands.\n
- Capability inventory: The skill utilizes the
sessions_spawncapability inSKILL.mdfor background monitoring and performs network requests via therequestslibrary inscripts/anygen.py.\n - Sanitization: Absent; content retrieved from external sources is interpolated into prompts and displayed without filtering or validation.\n- [SAFE]: The skill implements security hardening by setting
allow_redirects=Falseon all network requests to prevent SSRF and ensures API keys are stored in a configuration file with restricted permissions (chmod 600). Network communication is limited to the author's official domain (anygen.io).
Audit Metadata