faion-market-researcher
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- Indirect Prompt Injection (LOW): The skill possesses a vulnerability surface for indirect prompt injection because it ingests external, untrusted data to generate reports.\n
- Ingestion points: Uses
WebSearchandWebFetchto gather intelligence from the web as defined in SKILL.md and referenced research frameworks.\n - Boundary markers: The templates provided across the skill (e.g., in
pricing-research/README.md) do not include explicit delimiters or instructions to ignore instructions embedded within the fetched data.\n - Capability inventory: The skill is authorized in SKILL.md to use
Writetools to save research results to the local filesystem in.aidocs/product_docs/.\n - Sanitization: No sanitization or filtering logic for external content is included in the methodologies.\n- No Code (SAFE): The skill consists entirely of Markdown documentation and templates. No executable Python or Node.js scripts were found in any of the 112 files analyzed.
Audit Metadata