skills/ry-run/run-skills/grok-search/Gen Agent Trust Hub

grok-search

Pass

Audited by Gen Agent Trust Hub on May 6, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill provides a surface for indirect prompt injection due to its data ingestion capabilities.
    • Ingestion points: Untrusted data enters the agent context through the mcp__grok_search__web_search and mcp__grok_search__web_fetch tools referenced in SKILL.md and SKILL_zh.md.
    • Boundary markers: Absent. The instructions do not define delimiters or specific safety warnings to help the agent ignore instructions embedded in the external research content.
    • Capability inventory: Capabilities are limited to research planning and execution through the specified MCP tools. No subprocess calls, file-write operations, or arbitrary code execution patterns were found across SKILL.md or the reference files.
    • Sanitization: Absent. External content is fetched and presented to the agent without evident filtering, escaping, or validation.
Audit Metadata
Risk Level: SAFE
Analyzed: May 6, 2026, 07:20 AM