agent-content-analyzer
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is designed to analyze external documentation and web search results, which are untrusted data sources. Because it utilizes tools like TodoWrite and Task that can modify state or files, it presents a surface for indirect prompt injection where malicious content could attempt to influence the agent's behavior.
- Ingestion points: Uses Read, Grep, and mcp__brave__brave_web_search to ingest data from files and the web. (File: SKILL.md)
- Boundary markers: There are no explicit instructions for the agent to treat analyzed content as data only or to ignore embedded instructions within that content.
- Capability inventory: Includes tools for file interaction (Read, Grep, Glob, LS) and potential state modification (TodoWrite, Task). (File: SKILL.md)
- Sanitization: No sanitization or validation of the ingested content is described in the instruction set.
Audit Metadata