competitor-analysis
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill is designed to crawl external websites provided as arguments, creating an attack surface where instructions embedded in those websites could influence agent behavior.
- Ingestion points: Content is ingested via the WebFetch tool in Step 2 (Phase 1) for the Product, Marketing, UX, and Technical agents.
- Boundary markers: Absent. The prompts in SKILL.md interpolate research findings into synthesis agents (Phase 2) without using delimiters (e.g., XML tags or triple quotes) or specific 'ignore embedded instructions' warnings.
- Capability inventory: The skill utilizes WebSearch, WebFetch, and Task (sub-agent spawning) capabilities.
- Sanitization: Absent. There is no evidence of content filtering or safety-stripping before external data is passed to Phase 2 synthesis agents.
Audit Metadata