research-prospect
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect prompt injection surface identified in external data processing.
- Ingestion points: Untrusted data enters the agent context through browsing company websites and LinkedIn profiles as specified in the research process.
- Boundary markers: The skill lacks explicit delimiters or instructions to treat web-fetched content as untrusted data, increasing the risk of the agent following instructions embedded in websites.
- Capability inventory: The skill possesses the ability to read local workspace files (company-profile.md) and perform network browsing operations.
- Sanitization: There is no mechanism to validate or sanitize external content before it is used to generate the research brief or assess ICP fit.
Audit Metadata