market-research
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection due to its core functionality of ingesting and processing untrusted data from web search results.
  - Ingestion points: External data is retrieved via web search commands in files `step-02-customer-behavior.md` through `step-06-research-completion.md`.
  - Boundary markers: The workflow lacks explicit boundary markers or system-level instructions to treat search results strictly as data rather than instructions.
  - Capability inventory: The skill has the capability to write to the local filesystem (the `{planning_artifacts}` path) and is instructed to use subagents or subprocesses for parallel analysis.
  - Sanitization: There is no evidence of sanitization, filtering, or validation of the retrieved web content before it is processed by the agent into the final report.
Audit Metadata