rdc-rest
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill contains a specific instruction in Section 6: 'When asked to browse or navigate to a web address, actual visit the address'. This encourages the agent to ingest content from external, untrusted web sources, which is a primary vector for indirect prompt injection (Category 8c).
- Ingestion points: External URLs provided by users or discovered during tasks involving the skill.
- Boundary markers: Absent; the skill does not provide delimiters or instructions to the agent to disregard malicious commands embedded in external content.
- Capability inventory: The instruction assumes the agent has web-browsing or content-fetching capabilities.
- Sanitization: Absent; no instructions are provided to sanitize or validate the content fetched from external links.
Audit Metadata