Skills
skills/terminalskills/skills/web-research/Gen Agent Trust Hub

web-research

Pass

Audited by Gen Agent Trust Hub on Mar 13, 2026

Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it retrieves and analyzes content from arbitrary external websites.
  • Ingestion points: The extract_page_content function in SKILL.md fetches text content from external URLs returned by search results.
  • Boundary markers: There are no instructions or delimiters defined to isolate the fetched external content from the agent's core instructions.
  • Capability inventory: The skill has network-read capabilities via requests.get and file-write capabilities via the cat shell command.
  • Sanitization: There is no evidence of sanitization or filtering of the fetched HTML/text content before it is passed to the agent for synthesis.
  • [EXTERNAL_DOWNLOADS]: Fetches search data from the Brave Search API and retrieves content from third-party websites for research purposes.
  • [COMMAND_EXECUTION]: Employs the cat command to save synthesized research reports to the local filesystem.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 13, 2026, 09:16 PM