market-research-html
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (LOW): The skill instructs the agent to execute local Python scripts via the Bash tool to generate report visuals. This establishes an automated command execution path for local code.
- [PROMPT_INJECTION] (LOW): The skill ingests untrusted data from the research-lookup tool and interpolates it into HTML documents without explicit sanitization or boundary markers, creating a surface for indirect prompt injection (Category 8). Evidence: (1) Ingestion point: research-lookup; (2) Boundary markers: Absent; (3) Capability inventory: Bash, Write; (4) Sanitization: Absent.
Audit Metadata