Skills
skills/aws-samples/sample-strands-agent-with-agentcore/wikipedia-search/Gen Agent Trust Hub

wikipedia-search

Pass

Audited by Gen Agent Trust Hub on Feb 15, 2026

Risk Level: LOWPROMPT_INJECTIONNO_CODE
Full Analysis
  • Indirect Prompt Injection (LOW): The skill is designed to fetch content from Wikipedia, which is an attacker-controllable source. Malicious actors could edit articles to include hidden instructions for the agent.\n
  • Ingestion points: The wikipedia_get_article tool returns external content from Wikipedia articles.\n
  • Boundary markers: Absent. No specific delimiters or "ignore instructions" directives are provided for the fetched content.\n
  • Capability inventory: The skill is limited to information retrieval and citation formatting. It does not possess file-writing, network-sending (to non-Wikipedia domains), or system-command capabilities.\n
  • Sanitization: Absent. No filtering or validation is performed on the article text before it is presented to the agent.\n- No Code Implementation (LOW): The skill only contains tool definitions in markdown and lacks executable code or scripts, which limits the immediate risk of direct malicious command execution from the skill itself.
Audit Metadata
Risk Level
LOW
Analyzed
Feb 15, 2026, 05:40 PM