user-persona
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface.
- Ingestion points: The skill is instructed to process user-provided research files, transcripts, survey results, and content from external product URLs via web search (SKILL.md).
- Boundary markers: No delimiters or instructions to ignore embedded commands are specified in SKILL.md to isolate external data from the agent's instructions.
- Capability inventory: Instructions in SKILL.md enable the agent to perform web searches and save documents to the workspace.
- Sanitization: No evidence of input validation, filtering, or sanitization of external content is defined in the skill instructions.
Audit Metadata