national-expungement-expert
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill possesses a vulnerability surface for indirect prompt injection due to the way it handles external data retrieval.
- Ingestion points: Untrusted data enters the agent's context through the
WebSearchtool enabled in the skill's allowed-tools configuration. - Boundary markers: There are no explicit delimiters or system-level instructions provided to the agent to treat search results as data rather than instructions.
- Capability inventory: The skill has access to
Task,Read,Glob, andGrepacross the SKILL.md and references/state-eligibility-matrix.md files, allowing it to process and act upon ingested data. - Sanitization: No sanitization or validation logic is present to filter malicious prompts from search results before they are processed by the agent.
- [SAFE]: No instances of hardcoded credentials, sensitive file access (e.g., SSH keys, environment variables), or unauthorized remote code execution were found in the skill's metadata or core knowledge files.
Audit Metadata