account-research
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION] (LOW): The skill is susceptible to Indirect Prompt Injection (Category 8).
- Ingestion points: Untrusted data enters the agent context via web search results (news, homepage, LinkedIn) and data enrichment tools in Steps 2 and 3 of the execution flow.
- Boundary markers: Absent. The instructions do not specify the use of delimiters or warnings to ignore instructions embedded in the retrieved research data.
- Capability inventory: The skill possesses the capability to perform web searches and access internal CRM/Enrichment data via MCP servers (SKILL.md).
- Sanitization: Absent. There is no mention of filtering or escaping external content before it is synthesized into the final research report.
Audit Metadata