Skills
NYC
skills/erichowens/some_claude_skills/research-analyst/Gen Agent Trust Hub

research-analyst

Pass

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: LOWPROMPT_INJECTION
Full Analysis
  • Prompt Injection (LOW): The skill is susceptible to Indirect Prompt Injection (Category 8) because its core function involves processing untrusted external web content.\n
  • Ingestion points: Untrusted data enters the agent context through the WebFetch and WebSearch tools mentioned in the SKILL.md frontmatter.\n
  • Boundary markers: The instructions in SKILL.md do not include delimiters or specific instructions to treat fetched content as untrusted or to ignore embedded instructions.\n
  • Capability inventory: Based on SKILL.md, the allowed-tools are Read, Grep, Glob, WebSearch, and WebFetch. There are no capabilities for writing files, executing system commands, or performing arbitrary network exfiltration.\n
  • Sanitization: No sanitization, validation, or filtering of external content is described or mandated in the skill instructions.
Audit Metadata
Risk Level
LOW
Analyzed
Feb 16, 2026, 12:04 AM