paw-wbc-agent-discovery
Pass
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill identity, principles, and response protocols are consistent with its stated purpose of webinar discovery. No obfuscation, persistence, or privilege escalation patterns were found.\n- [EXTERNAL_DOWNLOADS]: The agent uses the Exa search engine via MCP tools (web_search_exa, crawling_exa) to retrieve topic data and competitive insights. This is a legitimate research functionality.\n- [PROMPT_INJECTION]: The skill defines a data ingestion workflow that creates a surface for indirect prompt injection.\n
- Ingestion points: External content is fetched through crawling tools and user-provided source files.\n
- Boundary markers: No explicit markers are used to delimit external data from agent instructions.\n
- Capability inventory: The agent can write research files and logs to the local filesystem.\n
- Sanitization: Content is summarized and synthesized without specific validation or filtering steps.
Audit Metadata