icp-website-review
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface due to its core function of analyzing external websites. Ingestion points: Target URLs and search results fetched via WebFetch and WebSearch (Step 2). Boundary markers: Absent; untrusted web content is not explicitly delimited. Capability inventory: The skill writes output files to the local directory (Output section). Sanitization: Absent; fetched content is processed directly for evaluation.
- [SAFE]: No malicious behavior, unauthorized command execution, or data exfiltration patterns were found.
Audit Metadata