blog-feedback
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted data from user-provided files or websites.\n
- Ingestion points: Content is ingested via the Read tool for local files and WebFetch or the defuddle skill for web URLs.\n
- Boundary markers: There are no instructions or delimiters in the skill to prevent the agent from executing commands embedded within the text it is analyzing.\n
- Capability inventory: The agent has access to the Read tool (file access) and WebFetch (network access).\n
- Sanitization: No sanitization or validation is performed on the ingested text to ensure it does not contain malicious prompts.\n- [EXTERNAL_DOWNLOADS]: The skill performs network requests to retrieve external content for simulation.\n
- Evidence: The execution flow requires the agent to fetch the main text of articles from web URLs using WebFetch or external skills.
Audit Metadata