email-finder
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- PROMPT_INJECTION (LOW): The skill methodology describes a surface for indirect prompt injection as it ingests untrusted data from the web.\n
- Ingestion points: Web scraping of external pages like
/contact,/about, and/team(SKILL.md).\n - Boundary markers: The instructions do not define delimiters or instructions to ignore embedded commands for the agent when processing scraped data.\n
- Capability inventory: Implicit network access for web scraping and interacting with external APIs (Hunter.io, Apollo.io, Snov.io, Clearbit).\n
- Sanitization: No mention of sanitizing or validating external web content before it enters the agent's context.
Audit Metadata