code-verify
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface through its processing of external web content and multi-agent task delegation.
- Ingestion points: Untrusted data enters the agent context via 'WebSearch' and 'WebFetch' tools in SKILL.md, and via the '{context}' variable in SUBAGENT.md.
- Boundary markers: The instructions lack delimiters or 'ignore embedded instructions' warnings when processing external documentation or context strings.
- Capability inventory: Analysis of both files reveals no subprocess calls, executable code generation, file-write operations, or unauthorized network operations. Capabilities are limited to information retrieval and agent communication.
- Sanitization: There is no evidence of content sanitization or escaping of external data before it is interpolated into the agent's prompts.
Audit Metadata