doublecheck
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill uses the
web_searchtool to retrieve data from external web sources. This content is then used to generate verification reports, introducing a dependency on information from potentially untrusted third-party websites.\n- [PROMPT_INJECTION]: The skill implements a persistent 'Active Mode' that modifies agent behavior for the remainder of a conversation once triggered. It instructs the agent to follow a specific set of rules ('Rule: Classify every response before sending it') for all future interactions, which functions as a high-level behavioral override.\n- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface through the ingestion of untrusted target text and web search results.\n - Ingestion points: The
SKILL.mdfile (Layer 1 and Layer 2) describes processing user-provided text and external content from theweb_searchtool.\n - Boundary markers: No explicit delimiters or instructions to ignore embedded commands within the verified text are specified in the instructions.\n
- Capability inventory: The skill can perform web searches and generate structured reports based on processed data.\n
- Sanitization: No specific sanitization or filtering of external input is described before it is parsed for claims.
Audit Metadata