market-research
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [No Code] (SAFE): The skill is purely instructional markdown text within a SKILL.md file. It does not include any Python scripts, Node.js code, shell commands, or configuration files that could be executed by an agent.
- [Prompt Injection] (LOW): This skill exhibits a surface for Indirect Prompt Injection (Category 8) because it instructs the agent to use web search to gather data.
- Ingestion points: Web search results (as specified in the Guidelines section of SKILL.md).
- Boundary markers: Absent; there are no specific delimiters or instructions to the agent to disregard commands found within searched content.
- Capability inventory: None; the skill does not define any tools, subprocess calls, file writes, or network operations beyond the implied search tool.
- Sanitization: Absent; the skill does not provide methods for escaping or validating external content before processing it.
Audit Metadata