audit-website
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Indirect Prompt Injection (SAFE): The skill processes content from external websites, which presents an inherent surface for indirect prompt injection. \n
- Ingestion points: Metadata, headers, and content from audited URLs (untrusted sources) are retrieved via the CLI. \n
- Boundary markers: The LLM-optimized output format uses XML tags like , , and to separate data. \n
- Capability inventory: The agent uses the squirrel CLI; no file-write or additional network permissions are explicitly granted by the skill configuration. \n
- Sanitization: The tool implements XML character escaping for all text content to prevent structural breakage.
Audit Metadata