mlb-opponent-profiler
Pass
Audited by Gen Agent Trust Hub on Apr 19, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to Indirect Prompt Injection (Category 8) because it ingests untrusted data from external Yahoo Fantasy Baseball pages and writes it to local markdown files used by other agents.
  - Ingestion points: Data is collected from various Yahoo URLs, including team names, manager handles, and transaction descriptions as specified in methodology.md.
  - Boundary markers: No explicit delimiters or instructions are used to separate untrusted content from agent instructions in the output files or templates.
  - Capability inventory: The skill possesses file-write capabilities in the context/opponents/ and signals/ directories.
  - Sanitization: There is no evidence of sanitization or validation of the ingested external strings before they are persisted to disk.