web-research
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- PROMPT_INJECTION (LOW): The skill creates a surface for indirect prompt injection because it processes untrusted data from the internet. Ingestion points: External content fetched by subagents and saved to local markdown files. Boundary markers: The synthesis instructions do not specify the use of delimiters or boundary markers. Capability inventory: mkdir, write_file, read_file, list_files, fetch_url, and task. Sanitization: There are no instructions for sanitizing or escaping the retrieved content before synthesis.
Audit Metadata