host-panel
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a vulnerability surface for indirect prompt injection through its web-based research grounding mechanism.
- Ingestion points: The skill ingests untrusted data from the open web via the
WebSearchtool (Section 2) to inform persona generation and argument structure. - Boundary markers: The instructions lack explicit boundary markers or delimiters for the external content, nor do they instruct the agent to ignore potential instructions embedded in the search results.
- Capability inventory: The skill is capable of performing
WebSearchoperations and generating complex multi-persona text outputs in markdown. It does not possess capabilities for file-system modification, subprocess execution, or unauthorized network transmissions. - Sanitization: No sanitization, validation, or filtering processes are defined for the data retrieved from external sources before it is processed by the agent.
Audit Metadata