user-research
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface due to its data-processing workflow.\n
- Ingestion points: The skill ingests untrusted external data using
WebFetch,WebSearch, andReadtools to analyze user interviews and competitor websites.\n - Boundary markers: The instructions lack explicit delimiters or 'ignore' directives to prevent the model from inadvertently executing commands that might be embedded in research transcripts or fetched web content.\n
- Capability inventory: The presence of
Write,Edit, andWebFetchtools creates a potential risk where malicious input could influence file system changes or further network requests.\n - Sanitization: No input validation or sanitization logic is defined for the content processed during synthesis steps.\n- [EXTERNAL_DOWNLOADS]: The skill utilizes the
WebFetchandWebSearchtools to retrieve data from external web sources. While this is necessary for its UX research functionality, it involves network interactions with non-whitelisted domains.
Audit Metadata