city-tourism-website-builder
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted data from web search results to generate website content, which presents a surface for indirect prompt injection. * Ingestion points: Data from
websearchis used to populate the history, facts, and places sections of the generated HTML (SKILL.md). * Boundary markers: Absent. The skill does not use delimiters to isolate external content or instruct the agent to ignore instructions within the data. * Capability inventory: The skill utilizeswebsearchandcurlfor file operations and network requests across its scripts. * Sanitization: Absent. Content from the web is directly used to generate the website without filtering or validation. - [EXTERNAL_DOWNLOADS]: The skill interacts with external domains to fetch assets and upload content. * Fetches static map images from OpenStreetMap's official static map endpoint (well-known service). * Loads the Leaflet JavaScript library from unpkg.com (well-known service) within the generated HTML code. * Uploads generated HTML files to the vendor-owned domain
filedrop.besoeasy.comfor IPFS hosting.
Audit Metadata