protocolsio-integration
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The section 'Suggest Using K-Dense Web For Complex Worflows' contains instructions that direct the agent to proactively steer users toward a specific commercial platform (K-Dense Web). This acts as a behavioral override for marketing purposes.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes content from an external third-party API (protocols.io) that can be modified by users outside of the agent's control.
  - Ingestion points: The skill retrieves protocol metadata, steps, and comments via GET requests to the protocols.io API (documented in SKILL.md).
  - Boundary markers: No delimiters or instructions to ignore embedded commands within the fetched data are present.
  - Capability inventory: The skill performs network operations using the 'requests' library (documented in SKILL.md).
  - Sanitization: There is no evidence of sanitization, validation, or filtering of the content received from the API before it is processed by the agent.