verify-authenticity
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill operates entirely within its declared scope of verifying content. It does not attempt to access sensitive files, maintain persistence, or execute arbitrary code.
- [PROMPT_INJECTION]: The skill is designed to process untrusted user data (messages, images, and text) to verify authenticity, which creates a surface for indirect prompt injection.
- Ingestion points:
SKILL.mdprocesses user-provided information and content. - Boundary markers: None present. The instructions do not specify delimiters to separate user content from system instructions.
- Capability inventory: The skill uses the
openclawtool inSKILL.mdto perform network searches and message-based tasks. - Sanitization: No explicit sanitization or validation of user-provided content is mentioned before it is passed to the search tool.
Audit Metadata