competitor-teardown
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill documentation instructs the user to install dependencies from the inference-sh organization using the npx package runner.
- [COMMAND_EXECUTION]: The skill uses the infsh CLI to execute various sub-applications, including a Python executor for generating charts with matplotlib and an agent-controlled browser for capturing screenshots.
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection because it is designed to ingest and analyze data from untrusted external sources.
- Ingestion points: Data is ingested from external URLs through web extraction tools, search assistants, and browser automation.
- Boundary markers: The skill does not define specific delimiters or instructions to ignore commands that may be embedded within the retrieved website content.
- Capability inventory: The agent has permissions to use the infsh CLI, which includes capabilities for searching the web, browsing sites, and executing Python code.
- Sanitization: The skill does not implement sanitization or filtering of the scraped content before it is processed by the agent.
Audit Metadata