company-research
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted third-party data from web search results across 16 research steps, which constitutes an indirect prompt injection surface. The author has mitigated this risk by implementing a 'Sanitizer Gate' and 'Checker' instructions that specifically scan for and redact instruction-like text found in external content.
  1. Ingestion points: Web search results retrieved via tools in every research step (SKILL.md).
  2. Boundary markers: 'Content trust boundary' and 'Injection guard' sections are present to explicitly isolate external data.
  3. Capability inventory: The skill utilizes web search, file writing, and subagent orchestration tools.
  4. Sanitization: Mandatory 'Sanitizer Gate' and 'Checker' validation loops are defined to scrub inputs.
- [COMMAND_EXECUTION]: The skill utilizes platform-native tools for web searching and file writing to assemble the final research report, which is consistent with its stated purpose of automated business development research.
Audit Metadata