learning-guide-creator

Pass

Audited by Gen Agent Trust Hub on Mar 3, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill is designed to perform 10-15 web searches and retrieve full page content from multiple external URLs using the web_fetch tool. This involves processing data from unverified third-party sources during the research phase.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests a significant amount of untrusted text from external websites and incorporates it into its final output guide.
      • Ingestion points: External data is ingested via the web_fetch tool during Phase 2 (Research).
      • Boundary markers: The instructions do not specify any delimiters or special markers to isolate the researched content from the agent's internal instructions, nor do they include warnings to ignore embedded instructions in the fetched data.
      • Capability inventory: The skill has network-read capabilities via web_fetch and file-write capabilities to the /mnt/user-data/outputs/ directory.
      • Sanitization: No sanitization, filtering, or validation steps are described for the content retrieved from the web before it is used to generate the 15,000-20,000 word guide.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 3, 2026, 02:23 PM