search-specialist
Pass
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: LOWPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
- Indirect Prompt Injection (LOW): The skill is designed to fetch and synthesize content from external websites, which is a known attack surface for indirect prompt injection.
- Ingestion points: Web search results and full content extraction via WebFetch.
- Boundary markers: Not present in the provided instructions.
- Capability inventory: Data synthesis and recommendation generation; no file-write, network exfiltration of sensitive local data, or command execution capabilities are present.
- Sanitization: No sanitization or filtering logic is defined for the external content.
- Data Exposure & Exfiltration (LOW): The skill performs network operations to fetch data from non-whitelisted external domains as part of its core search and 'WebFetch' functionality.
Audit Metadata