crewai
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill demonstrates patterns for interpolating untrusted external data (e.g., '{topic}') into agent goals and task descriptions, which constitutes a surface for indirect prompt injection.
  - Ingestion points: Data is ingested through placeholders in 'config/agents.yaml' and 'config/tasks.yaml'.
  - Boundary markers: The provided examples do not use delimiters or specific instructions to ignore embedded commands within the interpolated data.
  - Capability inventory: The skill facilitates creating agents that utilize tools such as 'SerperDevTool' and 'WebsiteSearchTool' to fetch and process data.
  - Sanitization: No input validation, escaping, or sanitization logic is demonstrated in the provided code snippets.
Audit Metadata