learn
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill performs automated research by searching and fetching content from the public internet.
- Evidence: The 'Research Methodology' and 'Just-In-Time Retrieval' sections describe using 'WebSearch' to find URLs and 'WebFetch' to download page content.
- [PROMPT_INJECTION]: The skill is subject to indirect prompt injection risks due to its processing of third-party web content.
- Ingestion points: External data is ingested via the 'WebFetch' tool mentioned in the retrieval methodology (SKILL.md).
- Boundary markers: There are no explicit delimiters or instructions to the LLM to ignore control sequences within the gathered research material during the synthesis phase.
- Capability inventory: The skill can write files to the filesystem in the 'agent-knowledge/' directory and trigger external 'enhance-docs' and 'enhance-prompts' skills.
- Sanitization: While the skill extracts summaries rather than full content, it lacks specific sanitization logic to strip potentially malicious instructions from fetched content.
Audit Metadata