geo-fact-checker
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes a local Python script (scripts/claim_extractor.py) to assist in identifying factual claims within text. This script is part of the skill package and uses standard regular expressions for extraction.
- [EXTERNAL_DOWNLOADS]: The skill is designed to interact with WebSearch and WebFetch tools to verify claims against external web sources. These operations are intended for factual verification and do not involve downloading executable code.
- [PROMPT_INJECTION]: The skill is subject to indirect prompt injection risks (Category 8) as it ingests and processes untrusted user drafts and external web pages. (1) Ingestion points: User-provided content and data retrieved via the WebFetch tool. (2) Boundary markers: No specific delimiters or instructions are provided to the agent to ignore potentially malicious commands within the analyzed content. (3) Capability inventory: The skill has access to network search/fetch tools and executes a local Python helper script. (4) Sanitization: There is no implemented validation or filtering to sanitize external content before it is processed by the agent context.
Audit Metadata