perplexity
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill instructs the agent to ingest and process data from the web using Perplexity search tools, which creates an attack surface where malicious instructions could be embedded in search results. * Ingestion points: Web search results and conversational responses from mcp__perplexity__perplexity_search and mcp__perplexity__perplexity_ask (SKILL.md and README.md). * Boundary markers: Absent; the skill does not provide instructions to the agent to distinguish between its system guidelines and the content returned from external search tools. * Capability inventory: As a skill designed for coding assistants like Claude Code, the agent context likely possesses capabilities for file system modification and command execution. * Sanitization: Absent; no validation or filtering of the external search results is specified within the skill instructions.
Audit Metadata