us-program-research

Pass

Audited by Gen Agent Trust Hub on Mar 7, 2026

Risk Level: SAFE
PROMPT_INJECTION, DATA_EXFILTRATION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits a surface for Indirect Prompt Injection because it processes content from untrusted external sources.
      • Ingestion points: In Phase 2 and Phase 3, the agent uses search tools to gather data from student review sites (Reddit, Niche, GMAT Club, GradCafe) and university pages.
      • Boundary markers: The prompts provided in references/subagent-prompts.md do not include explicit delimiters or instructions for the subagents to ignore potential instructions embedded in the retrieved web content.
      • Capability inventory: The skill performs file-write operations to the local directory (generating {CANDIDATE_NAME}_US_PROGRAM_ACTION_PLAN.md).
      • Sanitization: There is no documented logic to sanitize or filter the external text before it is summarized or included in the final document.
  • [DATA_EXFILTRATION]: The skill collects Personally Identifiable Information (PII) during its setup phase.
      • Evidence: Phase 0B in SKILL.md prompts the user for their 'Full name + email' and detailed academic background. While this is intended for personalizing the resulting research report, it constitutes data collection that users should be aware of.
Audit Metadata
  Risk Level: SAFE
  Analyzed: Mar 7, 2026, 03:53 AM