Skills
skills/curiositech/some_claude_skills/claude-ecosystem-promoter/Gen Agent Trust Hub

claude-ecosystem-promoter

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill features a vulnerability surface for indirect prompt injection due to the combination of web data ingestion and powerful tool access.
  • Ingestion points: The skill utilizes mcp__firecrawl__firecrawl_search, mcp__brave-search__brave_web_search, WebFetch, and mcp__fetch__fetch to ingest untrusted content from the internet (File: SKILL.md).
  • Boundary markers: No explicit markers or instructions are provided to the agent to treat external content as data only or to ignore embedded instructions.
  • Capability inventory: Access to Bash, Write, Edit, and Read allows for potentially dangerous actions if the agent were influenced by malicious external input (File: SKILL.md).
  • Sanitization: The skill does not define any sanitization or validation mechanisms for retrieved content.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 5, 2026, 08:19 PM