search
Pass
Audited by Gen Agent Trust Hub on Apr 24, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted data from the open web, which presents an inherent surface for indirect prompt injection. Ingestion points: External data enters through search results and full-page fetches (SKILL.md, extraction.md). Boundary markers: The instructions do not specify the use of delimiters for untrusted content. Capability inventory: The skill can search the web, fetch external content, and write files to the local filesystem. Sanitization: No specific validation or escaping of external content is mentioned.
- [EXTERNAL_DOWNLOADS]: The skill fetches content from external websites via the web_fetch_exa tool. This is a core feature for its research purpose and uses the vendor's official search infrastructure.
Audit Metadata