perplexity
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill facilitates the ingestion of untrusted content from external web sources, creating a vulnerability where adversarial instructions in search results could influence the agent. • Ingestion points: mcp__perplexity__perplexity_search and mcp__perplexity__perplexity_ask (SKILL.md). • Boundary markers: absent. • Capability inventory: information retrieval and reasoning. • Sanitization: absent.
- [Data Exposure & Exfiltration] (LOW): The skill transmits user queries to external Perplexity API endpoints. While this is the intended functionality, it constitutes a data flow to a non-whitelisted external service.
Audit Metadata