Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection vulnerability surface.
- Ingestion points: Untrusted data is retrieved from external websites using the WebSearch and WebFetch tools as specified in the metadata of SKILL.md.
- Boundary markers: There are no delimiters or explicit instructions provided to ensure the agent ignores or sanitizes instructions that might be embedded in the fetched content.
- Capability inventory: The skill grants the agent the ability to read and integrate arbitrary external content from any URL into its reasoning context.
- Sanitization: The skill lacks any mechanism for filtering or sanitizing the content fetched via WebFetch before it is processed.
Audit Metadata