company-intelligence
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUMPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (MEDIUM): The skill is designed to process untrusted external content, creating a vulnerability surface where an attacker can influence agent behavior through 'poisoned' web content.
- Ingestion points: External data is ingested via Perplexity (web search), Exa (semantic search), and Apify (web scraping) as defined in the 'Available Tools' section of SKILL.md.
- Boundary markers: Absent. The instructions do not specify any delimiters or safety warnings to help the agent distinguish between researcher instructions and the content being researched.
- Capability inventory: The skill performs data retrieval and synthesis. While it doesn't directly execute code, its output is intended to feed into high-capability downstream skills like 'multithread-outreach' and 'cold-call-scripts' which may perform automated communication.
- Sanitization: Absent. There are no instructions for the agent to sanitize or filter potential instructions found within scraped web data.
Audit Metadata