competitor-discovery
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits vulnerability to indirect prompt injection. It directs the agent to fetch and interpret data from competitor homepages and pricing pages discovered via search engines. This untrusted content could contain adversarial instructions intended to redirect the agent's behavior.
- Ingestion points: Homepage and pricing page content from third-party websites (SKILL.md, Step 4).
- Boundary markers: Absent. There are no instructions provided to separate untrusted web content from internal logic or to ignore instructions embedded in the external data.
- Capability inventory: Web search and URL fetching capabilities (SKILL.md, Step 3 and 4).
- Sanitization: Absent. The skill extracts summary information directly from raw external site content without validation or filtering.
- [EXTERNAL_DOWNLOADS]: The skill initiates network requests to retrieve data from external, non-whitelisted domains identified during the automated search process (SKILL.md, Step 4).
Audit Metadata