external-context
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it fetches and processes untrusted documentation from the web using WebSearch and WebFetch tools via sub-agents.
  - Ingestion points: Untrusted external web content fetched by parallel sub-agents (oh-my-claudecode:document-specialist) as described in the synthesis workflow.
  - Boundary markers: Absent; there are no explicit instructions or delimiters defined to separate the retrieved search results from the agent's logic or to warn the system to ignore instructions embedded in the external content.
  - Capability inventory: The skill utilizes the Task tool to orchestrate multiple sub-agents capable of external web access and data aggregation.
  - Sanitization: No sanitization or validation of the external content is performed before it is synthesized into findings.