research-lookup
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill is designed to ingest and process untrusted external data from the web via the Perplexity API. * Ingestion points: lookup.py takes user input as research queries. * Boundary markers: No delimiters or ignore instructions are visible in the provided wrapper code. * Capability inventory: The visible scripts only perform console output; no dangerous file system or network write capabilities are exposed in the reviewed files. * Sanitization: External data is displayed directly without sanitization.
- [Dynamic Execution] (LOW): lookup.py modifies sys.path to dynamically load modules from a relative subfolder.
- [Missing Source Content] (LOW): The file scripts/research_lookup.py is referenced and required for operation but was not provided, limiting the scope of the security audit.
Audit Metadata