web-research
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious code, unauthorized network calls, or credential leaks were detected. The skill logic is focused on legitimate research tasks using established Model Context Protocol (MCP) tools.
- [PROMPT_INJECTION]: This skill has an indirect prompt injection surface due to its core function of researching and scraping external web content.
  - Ingestion points: Data enters the system context via mcp__firecrawl__firecrawl_scrape, mcp__firecrawl__firecrawl_search, and mcp__perplexity__perplexity_ask as defined in SKILL.md.
  - Boundary markers: There are no explicit instructions or delimiters used to prevent the agent from executing instructions found within the scraped external content.
  - Capability inventory: While the skill uses documentation and search tools, it does not possess high-risk capabilities like local file writing, arbitrary shell execution, or privilege escalation within the analyzed file.
  - Sanitization: The skill does not perform sanitization, filtering, or validation on the content retrieved from external URLs before processing it.
Audit Metadata