web-search
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION] (LOW): The skill is susceptible to indirect prompt injection because it ingests untrusted data from the internet via the WebSearch tool.
- Ingestion points: External websites retrieved through WebSearch.
- Boundary markers: None identified; there are no clear delimiters between search results and system instructions.
- Capability inventory: Limited to display and summarization; no subprocess execution, file modification, or network-send capabilities are present.
- Sanitization: No explicit sanitization of external content is mentioned.
- [SAFE] (SAFE): No evidence of hardcoded credentials, malicious downloads, persistence mechanisms, or obfuscation was found in the skill instructions.
Audit Metadata