wikipedia-research
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues were identified. The skill implements legitimate networking research functionality using established patterns for tool execution within the agent framework.
- [COMMAND_EXECUTION]: The skill executes local Python commands to interact with its Wikipedia retrieval script. This is the standard and intended behavior for this type of skill.
- [PROMPT_INJECTION]: An indirect prompt injection surface exists as the skill retrieves data from Wikipedia. (1) Ingestion points: Wikipedia article content retrieved via
get_content,get_summary, andsearch_pagestools. (2) Boundary markers: No explicit delimiters or warnings are present in the provided examples. (3) Capability inventory: The agent can execute local commands via its MCP interface. (4) Sanitization: No explicit filtering of external content is performed. This surface is expected for information retrieval tools and is assessed as safe in this context.
Audit Metadata