Skills
skills/fortunto2/solo-factory/solo-research/Gen Agent Trust Hub

solo-research

Pass

Audited by Gen Agent Trust Hub on Mar 7, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to run network-related commands including whois, dig, and curl. These are used to verify domain availability and fetch data from third-party APIs.
  • [EXTERNAL_DOWNLOADS]: The skill makes network requests to api.pullpush.io (a Reddit archive service) and rdap.org (Registration Data Access Protocol) to gather market and domain information. These are standard services for the skill's stated purpose but involve third-party data processing.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection. It ingests untrusted content from Reddit, YouTube, and general web pages using WebFetch and Playwright.
  • Ingestion points: Web content is retrieved from multiple external sources (Reddit, YouTube, competitor sites).
  • Boundary markers: The skill does not explicitly define markers to prevent the agent from obeying instructions found within the scraped content.
  • Capability inventory: The skill has access to Bash, Write, Edit, and Grep tools, which could be exploited if malicious instructions are processed from external data.
  • Sanitization: There is no evidence of sanitization or filtering of the external content before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 7, 2026, 02:01 AM