AGENT LAB: SKILLS

startup-business-analyst-market-opportunity

Fail

Audited by Gen Agent Trust Hub on Feb 15, 2026

Risk Level: HIGH
Findings: PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION] (HIGH): The skill is highly susceptible to Indirect Prompt Injection. It instructs the agent to use WebSearch and WebFetch to gather industry reports and data from external, untrusted sources.
      ◦ Ingestion points: Untrusted external data entered via WebFetch and WebSearch tools in Step 4.
      ◦ Boundary markers: Absent. The instructions do not define delimiters or provide warnings to the agent to ignore instructions embedded within the fetched market data.
      ◦ Capability inventory: High. The skill is granted Bash, Write, and Edit tools. A successful injection via a malicious web page could lead to arbitrary command execution or unauthorized file modifications.
      ◦ Sanitization: None. There are no steps to validate or filter the content retrieved from the web before the agent processes it.
  • [COMMAND_EXECUTION] (MEDIUM): The skill metadata lists Bash as an allowed tool. While the current instructions do not use it for malicious purposes, the combination of shell access with the ingestion of untrusted external content represents a significant security risk.
  • [EXTERNAL_DOWNLOADS] (LOW): The skill uses WebFetch to download content for research purposes. While expected for the skill's function, it serves as the primary vector for the identified injection risks.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 15, 2026, 09:09 PM