ai-agents
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
Finding category: PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface: The skill defines a 'Trend Awareness Protocol' that instructs the agent to use web search tools to gather real-time information, which creates a surface for ingesting untrusted external content.
- Ingestion points: Web search tool results, RAG retrieval modules, and OS agent UI observations mentioned in architecture guides.
- Boundary markers: The skill advocates multi-layer guardrails, human-in-the-loop (HITL) triggers, and explicit 'go/no-go' safety gates.
- Capability inventory: Guidance for web browsing, tool execution via MCP, and OS/browser automation.
- Sanitization: The skill contains explicit 'Avoid' instructions regarding untrusted tool outputs and mandates validation/sanitization of external content before processing.
Audit Metadata