multi-source-investigation

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Full Analysis
  • [Indirect Prompt Injection] (LOW): The skill possesses a vulnerability surface for indirect prompt injection.
      ◦ Ingestion points: Uses WebSearch and WebFetch to pull untrusted data from external URLs into the agent's context.
      ◦ Boundary markers: Absent; the prompt does not specify delimiters or instructions to ignore commands embedded in fetched data.
      ◦ Capability inventory: Has access to WebSearch, WebFetch, Read, Grep, and Glob tools.
      ◦ Sanitization: No sanitization or validation of the fetched content is specified in the researcher protocol.
  • [Prompt Injection] (SAFE): The roleplay instructions are focused on research methodologies and do not attempt to bypass safety filters or override system constraints.
  • [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials or access to sensitive system paths (e.g., ~/.ssh) were found. Network activity is limited to standard search and fetch tools.
  • [Unverifiable Dependencies & Remote Code Execution] (SAFE): No external package installations or remote script executions (e.g., curl|bash) are present.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 17, 2026, 06:14 PM