impress-me
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill instructs the agent to 'Research aggressively across the web' and use 'any available tools' to gather information. This establishes a surface for Indirect Prompt Injection, where instructions embedded in external web content or tool outputs could influence the agent's behavior.
- Ingestion points: External web pages, codebase files, and outputs from MCP resources or other tools.
- Boundary markers: The skill does not provide delimiters or instructions to ignore potential commands found within the researched data.
- Capability inventory: The skill explicitly encourages the use of 'any available tools', which may include capabilities for file modification, command execution, or network access.
- Sanitization: No sanitization or validation logic is defined for the external data being processed.
Audit Metadata