competitor-intel-agent
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes data from external sources. Malicious actors could place hidden instructions on competitor websites to manipulate the agent's behavior during analysis.
- Ingestion points: Untrusted data enters the context via the WebFetch and WebSearch tools when monitoring competitor websites, pricing pages, and blogs (SKILL.md).
- Boundary markers: The skill lacks explicit boundary markers or instructions for the agent to ignore embedded commands within the fetched data.
- Capability inventory: The agent possesses Write, WebSearch, WebFetch, and Bash tools, which increases the potential impact of a successful injection.
- Sanitization: There is no documentation of sanitization, escaping, or validation of the external content before it is analyzed by the model.
Audit Metadata