serp-analysis
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill contains no executable scripts, binaries, or automated installation commands. The logic is entirely contained within markdown instructions and reference templates.
- [PROMPT_INJECTION]: The skill is designed to ingest and analyze untrusted data from search engine results and external web pages using the
WebFetchtool. This introduces a surface for indirect prompt injection where malicious instructions embedded in web content could attempt to influence the agent. However, this risk is inherent to the skill's primary function of web analysis and is mitigated by the absence of high-privilege capabilities or access to sensitive local resources. (Ingestion points:WebFetchtool usage inSKILL.md; Boundary markers: None explicitly defined; Capability inventory:WebFetchfor web retrieval; Sanitization: None specified beyond analytical structuring).
Audit Metadata