grant-proposal

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • Indirect Prompt Injection (LOW): The skill is designed to fetch and process external data from the web, creating an attack surface for indirect prompt injection.
  • Ingestion points: WebSearch and WebFetch tools listed in the tools section of SKILL.md.
  • Boundary markers: Absent. There are no explicit delimiters or instructions defined to separate untrusted web content from the agent's core instructions.
  • Capability inventory: Read, Grep, and Glob (filesystem access), plus web navigation tools.
  • Sanitization: Absent. The protocol does not include steps to sanitize or validate external content before processing.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:07 PM