search-specialist
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- [NO_CODE]: The skill consists entirely of a markdown file providing persona instructions. It contains no Python scripts, Node.js code, shell commands, or other executable elements.
- [PROMPT_INJECTION]: The skill is designed to process external information, creating a surface for indirect prompt injection.
- Ingestion points: The skill is tasked with finding and curating information across any domain or source type, implying ingestion of untrusted external content into the agent's context.
- Boundary markers: No explicit delimiters or instructions are provided to help the agent distinguish between its system instructions and the retrieved external information.
- Capability inventory: While no tools are shipped with the skill, the persona is intended to perform comprehensive searches and retrieval tasks using the agent's environment.
- Sanitization: There are no defined mechanisms for sanitizing, filtering, or validating external content before it is processed by the agent.
Audit Metadata