flows-agent
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFE
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill inherently processes untrusted data from the internet as its primary function. It allows the agent to fetch content from over 1000 external API providers through the
call_paid_apitool. - Ingestion points: Untrusted content is ingested from remote servers via the
call_paid_apitool inSKILL.md. - Boundary markers: No specific delimiters or safety wrappers are defined for the returned API responses.
- Capability inventory: The skill provides tools for searching, pricing, and executing remote API calls, but does not grant direct file system or shell access.
- Sanitization: There is no explicit sanitization or filtering of API responses mentioned in the instructions.
Audit Metadata