researchers-journalism
Pass
Audited by Gen Agent Trust Hub on Feb 22, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill has a vulnerability surface for indirect prompt injection because it retrieves untrusted data from the web and can write to the local filesystem.
  - Ingestion points: Data enters through WebFetch and WebSearch tool calls to journalistic and news websites, as described in the search patterns and source hierarchies in SKILL.md and SOURCE_EXTRACTION.md.
  - Boundary markers: The instructions do not specify delimiters or ignore-embedded-instructions warnings for the content fetched from the web.
  - Capability inventory: The skill is granted Write, Edit, and Read permissions on the local filesystem to document research findings.
  - Sanitization: No explicit sanitization or validation of the retrieved web content is performed before processing or outputting to files.
Audit Metadata