web-search
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): The instructions are focused on tool usage and formatting. There are no attempts to bypass safety filters or ignore prior instructions.
- [Data Exposure & Exfiltration] (SAFE): The skill does not access sensitive files or perform network operations beyond its stated purpose of web searching via a standard tool.
- [Indirect Prompt Injection] (LOW): The skill is designed to process untrusted data from the web (search results). While this creates a theoretical surface for indirect prompt injection, the skill lacks high-risk capabilities like file system modification or arbitrary code execution that would make such an attack impactful. The citation rules also encourage the model to treat the data as external evidence.
- [No Code] (SAFE): No scripts (Python, JavaScript, Bash) or dependency manifests were included in the provided file. The analysis is based on the markdown instructions provided.
Audit Metadata