solo-swarm
Pass
Audited by Gen Agent Trust Hub on Apr 5, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted data from multiple external web sources and processes it using agents with file-writing and shell capabilities.
- Ingestion points: External content fetched via
WebSearch,WebFetch, andmcp__solograph__web_searchfrom domains like reddit.com and github.com. - Boundary markers: The skill does not define explicit delimiters or instructions for the agent to ignore potentially malicious content within the fetched data.
- Capability inventory: The skill has access to
Bash,Write,WebSearch, and various MCP tools for project and code analysis. - Sanitization: No sanitization or validation of the retrieved web content is specified before the agent synthesizes the findings into the final report.
Audit Metadata