launchfast-full-research-loop
Pass
Audited by Gen Agent Trust Hub on Mar 26, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill creates and saves a standalone HTML report to the local file system, typically in the user's Downloads folder. This involves standard file system write operations.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by aggregating data from external tool outputs and embedding it into a generated HTML file without explicit sanitization.
- Ingestion points: Data is retrieved from mcp__launchfast__research_products, mcp__launchfast__ip_check_manage, mcp__launchfast__supplier_research, and mcp__launchfast__amazon_keyword_research tools (SKILL.md).
- Boundary markers: There are no delimiters or instructions to disregard potential instructions embedded within the retrieved product titles, supplier names, or trademark data.
- Capability inventory: The skill has the capability to write files to the local file system for report generation (SKILL.md, Phase 5).
- Sanitization: No sanitization or escaping of the tool output is performed before it is interpolated into the HTML report template, which could be exploited if the external data sources contain malicious scripts.
Audit Metadata