research-synthesis
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill retrieves content from external sources which could contain malicious instructions designed to subvert the agent's behavior.
- Ingestion points:
WebSearchandWebFetchtools are used to ingest content from the open web. - Boundary markers: The instructions do not provide delimiters (e.g., XML tags or triple quotes) to encapsulate untrusted external content, nor do they instruct the model to ignore instructions found within that content.
- Capability inventory: The skill utilizes
WebSearch,WebFetch,Read,Grep, andGlobtools. - Sanitization: No sanitization or validation of external data is performed before processing.
Audit Metadata