company-research

Pass

Audited by Gen Agent Trust Hub on Mar 3, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it processes and summarizes untrusted content from the web.
    • Ingestion points: The skill ingests untrusted data from company homepages, news articles, tweets, and LinkedIn profiles via the web_search_advanced tool.
    • Boundary markers: There are no explicit delimiters or instructions provided to ensure the agent ignores embedded commands or instructions within the retrieved web content.
    • Capability inventory: The skill has the capability to spawn Task agents and perform browser automation using the 'Claude in Chrome' fallback mechanism.
    • Sanitization: The instructions do not include any steps for sanitizing, filtering, or validating the external content before it is passed to the LLM for analysis.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 3, 2026, 09:56 AM