researching-ai-news
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Indirect Prompt Injection (SAFE): The skill exposes a surface for indirect prompt injection because it processes untrusted data from external search results. However, the risk is negligible, as the skill lacks sensitive capabilities such as filesystem access or shell execution.
- Ingestion points: Untrusted web content retrieved via mcp__perplexity__perplexity_search and mcp__perplexity__perplexity_research in Step 1.
- Boundary markers: Absent in the instructions provided to the agent.
- Capability inventory: Limited to reading search results and generating text summaries. No high-privilege tools are involved.
- Sanitization: None explicitly defined, though the instructions mandate cross-referencing claims against official company blogs (Step 4), which serves as a manual validation layer.
- External Dependencies (SAFE): The skill relies on Perplexity MCP tools for data retrieval. These are recognized external tools for information gathering and do not involve unauthorized code execution or package installations.
Audit Metadata