customer-review-aggregator
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSNO_CODE
Full Analysis
- [PROMPT_INJECTION] (LOW): The skill is vulnerable to Indirect Prompt Injection (Category 8) because it processes untrusted content from external sources.
- Ingestion points: Workflow Step 2 (Option C) instructs the agent to use 'WebFetch' to analyze public reviews from arbitrary URLs provided by the user.
- Boundary markers: Absent. The instructions do not define delimiters or provide warnings to the agent to ignore instructions embedded within the fetched review text.
- Capability inventory: The skill uses network reading (WebFetch) and generates complex outputs (reports, marketing claims).
- Sanitization: Absent. There is no requirement to sanitize or filter external content before interpolation into the analysis prompt.
- [EXTERNAL_DOWNLOADS] (SAFE): The skill utilizes external network access through 'WebFetch' to pull data from review platforms. This behavior is consistent with the primary purpose of the skill and does not appear to target sensitive local files or internal credentials.
- [NO_CODE] (SAFE): No executable scripts or configuration files were found in the skill. The logic is entirely contained within the markdown instructions.
Audit Metadata