analyze-book
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches book metadata, chapter structures, and reviews from external websites including Douban (douban.com) and Dangdang (dangdang.com). These are recognized as well-known services for bibliographic data and reader reviews.
- [COMMAND_EXECUTION]: Orchestrates six parallel sub-agents using the Agent tool to perform specialized research tasks (structure, background, logic, solutions, terminology, and references).
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface due to its data processing workflow.
  - Ingestion points: External content is brought into the agent's context through WebFetch and WebSearch operations in Phase 0 and Phase 1.
  - Boundary markers: The sub-agent prompt templates do not include explicit boundary markers or instructions to disregard potential hidden commands within the fetched web data.
  - Capability inventory: The skill possesses WebSearch, WebFetch, Agent (sub-agent delegation), and Write (local file system access to save the report).
  - Sanitization: There is no visible sanitization or validation of the external content before it is interpolated into the prompts for sub-agent analysis.
Audit Metadata