heal
Pass
Audited by Gen Agent Trust Hub on Mar 25, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted content from external websites (via WebFetch) and library repositories (via WebSearch) to diagnose failures. This represents an indirect prompt injection surface where malicious instructions in a webpage could potentially influence the agent's diagnostics or code fixes.
- Ingestion points: External HTML content from scrapers and GitHub data (SKILL.md).
- Boundary markers: None specified.
- Capability inventory:
Bash,Write,Agent,WebFetch. - Sanitization: No explicit sanitization of external content is described.
Audit Metadata