idea
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its reliance on external data from web searches during the research phase. This content is used to update internal project drafts and session logs without explicit sanitization.
  - Ingestion points: Web content retrieved via `WebSearch` for competitive and market analysis (Step 3.3b).
  - Boundary markers: Absent; the instructions do not require the use of delimiters or instructions to ignore embedded commands in search results.
  - Capability inventory: File system write access to create and update files in the project's `ideas/` directory.
  - Sanitization: Absent; external research findings are summarized and stored without validation or escaping.
- [EXTERNAL_DOWNLOADS]: The skill uses `WebSearch` tools to fetch information from external websites to support competitive and market research activities.
Audit Metadata