web-research
Pass
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: LOWPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill processes untrusted external content retrieved via the
webSearchtool. - Ingestion points: Data enters the context through the
webSearchtool results as described in SKILL.md. - Boundary markers: Absent. The instructions do not define delimiters or provide warnings to the agent to ignore instructions embedded within the search results.
- Capability inventory: The skill is restricted to information retrieval and presentation; no capabilities for file modification, arbitrary code execution, or network exfiltration are present in the provided file.
- Sanitization: Absent. There are no requirements for the agent to sanitize or validate the content of the search results before processing or presenting them.
Audit Metadata