Skills
skills/lev-os/agents/geo-llmstxt/Gen Agent Trust Hub

geo-llmstxt

Pass

Audited by Gen Agent Trust Hub on Mar 21, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted content from external websites via the WebFetch tool, creating a surface for indirect prompt injection where malicious instructions in a website's llms.txt or page content could attempt to manipulate the agent's behavior.
  • Ingestion points: Website content, including llms.txt, homepages, and sitemaps, is retrieved in 'Analysis Mode' (Step 1) and 'Generation Mode' (Step 1).
  • Boundary markers: The skill lacks instructions to wrap fetched data in delimiters or provide warnings to ignore embedded instructions.
  • Capability inventory: The skill environment includes access to tools such as Bash and Write.
  • Sanitization: No explicit sanitization, escaping, or validation of retrieved website text content is performed before the agent processes it.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 21, 2026, 06:48 PM