remove-model-cliche
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted data from both user input and web search results. Ingestion points: User-provided text for editing and external data retrieved via the web_search tool. Boundary markers: The skill lacks explicit delimiters or instructions to ignore embedded commands within the processed text. Capability inventory: The agent can perform web searches and write to the local file system. Sanitization: There is no evidence of sanitization or filtering of the external content before it is processed or written to files.
Audit Metadata