web-search-advanced-financial-report
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill is designed to fetch and process external data, which is an inherent vulnerability surface.
- Ingestion points: External content enters the agent's context through the output of the web_search_advanced_exa tool.
- Boundary markers: The skill explicitly instructs the agent to use 'Token Isolation' by spawning separate Task agents to process search results, which acts as a robust boundary to protect the main context.
- Capability inventory: The skill utilizes web search capabilities; no scripts or tools within this skill perform file-system writes, shell command execution, or other high-privilege operations.
- Sanitization: The instructions do not specify content sanitization or escaping methods for the ingested search data.
- [Prompt Injection] (SAFE): The '(Critical)' label in section headers is used for instructional emphasis regarding tool configuration and does not attempt to override the underlying AI safety filters or system instructions.
Audit Metadata