Skills
skills/moodmnky-llc/mood-mnky-command/docs-lookup/Gen Agent Trust Hub

docs-lookup

Pass

Audited by Gen Agent Trust Hub on Mar 6, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it fetches and processes content from external, untrusted URLs and documentation sites.
  • Ingestion points: Content retrieved via the Context7, Fetch, and FireCrawl tools from user-provided or discovered URLs in SKILL.md.
  • Boundary markers: The instructions lack explicit delimiters or warnings to the model to treat fetched content as untrusted data or to ignore instructions embedded within the retrieved text.
  • Capability inventory: The skill directs the agent to retrieve and summarize data, which could lead to the agent following malicious instructions found on a website if they are presented as valid documentation.
  • Sanitization: There is no evidence of sanitization, filtering, or validation of the fetched content before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 6, 2026, 05:28 PM