multi-search
Pass
Audited by Gen Agent Trust Hub on Apr 6, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes arbitrary content from external websites and user-provided files.\n
- Ingestion points: Processes user documents via file-path inputs and external web content retrieved through the WebSearch and WebFetch tools as defined in the Processing Flow (Phase 1 and Phase 3) in SKILL.md.\n
- Boundary markers: The skill does not explicitly define delimiters or instructions to ignore embedded commands within the fetched external content.\n
- Capability inventory: The skill uses Task to spawn sub-agents, WebSearch/WebFetch for network access, and performs local file-system writes to create structured research directories and markdown files.\n
- Sanitization: No specific sanitization or validation of external web data is described before it is passed to the analysis agents.
Audit Metadata