skills/rmyndharis/antigravity-skills/startup-business-analyst-market-opportunity/Gen Agent Trust Hub
startup-business-analyst-market-opportunity
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): This skill has an attack surface for indirect prompt injection because it is designed to ingest and process data from the open web.
- Ingestion points: Data enters the context via the
WebSearchandWebFetchtools during Step 4 (Gather Market Data). - Boundary markers: The instructions lack explicit boundary markers or delimiters to tell the LLM to ignore instructions that might be embedded in the fetched web content (e.g., hidden HTML comments or malicious text in industry reports).
- Capability inventory: The skill has access to
Bash,Write, andEdittools, which could be leveraged if a malicious payload in a web source successfully influences the agent. - Sanitization: There is no specified sanitization or filtering logic for the data retrieved from the web before it is analyzed by the agent.
Audit Metadata