ai-content-discovery
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it is designed to fetch and process data from external, untrusted web origins.
- Ingestion points: The agent is directed to retrieve content from external URLs (such as robots.txt, sitemap.xml, and llms.txt) for analysis using diagnostic tools like curl.
- Boundary markers: The provided instructions do not include specific delimiters or directives for the agent to ignore or isolate instructions that may be embedded within the retrieved external files.
- Capability inventory: The skill possesses capabilities for performing network requests via curl and providing various system configuration snippets (Nginx, Apache, WAF) to the user.
- Sanitization: There is no mechanism described for sanitizing or validating the structure of the content fetched from external URLs before it is processed by the agent.
Audit Metadata