high-fidelity-extraction
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill is designed to ingest and process large amounts of untrusted content from social media platforms (Instagram, TikTok, YouTube). This content could contain malicious instructions designed to manipulate the agent.
- Ingestion points: Captions, comments, and post text extracted via browser automation as described in
SKILL.md. - Boundary markers: Absent. The skill does not provide instructions to wrap extracted data in delimiters or treat it as untrusted input.
- Capability inventory: Browser navigation, DOM extraction, and tabular formatting.
- Sanitization: The skill mentions filtering bot comments but lacks sanitization for escaping malicious prompt instructions embedded in text.
- [Data Exfiltration] (LOW): The skill instructs the agent to perform network operations against various non-whitelisted social media domains (Instagram, TikTok, YouTube). This is consistent with the primary purpose of the skill but represents an external communication surface.
Audit Metadata