Lead Gatherer Skill
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because its primary function involves researching untrusted external websites and processing that data into structured CSV files. Maliciously crafted content on these websites could potentially override the agent's instructions or corrupt the collected data.
- Ingestion points: External website analysis and background verification as defined in SKILL.md.
- Boundary markers: There are no boundary markers or instructions present to delimit external content or warn the agent against obeying instructions found within researched data.
- Capability inventory: The skill has the capability to create, use, and manage CSV files within the /agent/ directory as specified in SKILL.md.
- Sanitization: While the skill mandates stripping PII, it lacks any validation or sanitization mechanisms for instructions or malicious text patterns within the ingested external data.
Audit Metadata