web-research
Pass
Audited by Gen Agent Trust Hub on Mar 24, 2026
Risk Level: SAFE | PROMPT_INJECTION | NO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill instructs the agent to search and aggregate information from various external and untrusted platforms such as GitHub, Stack Overflow, and Reddit. This behavior creates an attack surface for indirect prompt injection where instructions embedded in the searched content could attempt to influence the agent's behavior.
  - Ingestion points: Technical descriptions, comments, and documentation from external websites (SKILL.md).
  - Boundary markers: The instructions do not define delimiters or specific warnings to help the agent distinguish between legitimate data and potential instructions within the fetched content.
  - Capability inventory: No executable tools, scripts, or system-level capabilities are defined within this skill.
  - Sanitization: The skill does not provide any instructions for sanitizing, validating, or filtering the retrieved external content.
- [NO_CODE]: The skill consists exclusively of markdown documentation and YAML metadata. There are no associated scripts, package files, or binary executables that could perform actions on the host system.