scout-find
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Potential surface for indirect prompt injection detected as the skill processes external data that could contain malicious instructions.
- Ingestion points: Untrusted job listing data is ingested from external URLs via browser automation and from user-pasted text.
- Boundary markers: Absent; there are no instructions or delimiters to isolate job listing content or command the agent to ignore instructions embedded within the listings.
- Capability inventory: The skill has the ability to write files to the local file system (/.scout/jobs/), read local configuration files (/.scout/profile/preferences.md), and perform web searches.
- Sanitization: No sanitization, escaping, or validation of the ingested external content is mentioned before it is processed or stored in files.
Audit Metadata