lead-research-assistant

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE (PROMPT_INJECTION, NO_CODE)
Full Analysis
  • PROMPT_INJECTION (LOW): Indirect Prompt Injection vulnerability detected.
      • Ingestion points: The skill analyzes local codebase files and external web search results (company websites, LinkedIn profiles).
      • Boundary markers: The instructions do not define delimiters or specific warnings to ignore instructions within the processed data.
      • Capability inventory: The agent can read local files and perform network searches.
      • Sanitization: No input sanitization or validation logic is present to handle untrusted content from the codebase or external searches.
  • NO_CODE (SAFE): No executable code, scripts, or binary files were found within the skill. The logic is entirely instruction-based.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:00 PM