web-research
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- Instructional Nature (SAFE): The skill consists entirely of markdown text outlining a research process. It does not contain any executable scripts, binary files, or configuration files that could be used for malicious purposes.
- Absence of Dependencies (SAFE): No Python packages, Node.js packages, or external script downloads are referenced or required by the skill.
- No Command Execution (SAFE): There are no shell commands, subprocess calls, or system-level operations defined within the instructions.
- Indirect Prompt Injection Surface (LOW): The skill encourages the use of web search tools to gather information from the internet. This introduces an inherent surface for indirect prompt injection from external websites, though the skill itself does not provide any vulnerable prompt templates or code to handle this data.
- Ingestion points: Step 2 (Gather Information) directs the agent to use web search tools.
- Boundary markers: Not specified.
- Capability inventory: Relies on existing agent search tools; no internal capabilities.
- Sanitization: Not specified in the methodology.
Audit Metadata