prd
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect prompt injection surface identified due to external data ingestion.\n- Ingestion points: Data is brought into the agent context via
WebFetchandWebSearchtools defined inSKILL.md.\n- Boundary markers: The skill lacks explicit delimiters or instructions to treat external data as untrusted, which could allow embedded prompts to be obeyed.\n- Capability inventory: The skill utilizesRead,Glob,Grep,WebFetch, andWebSearch. It does not have access to tools for writing files or executing shell commands.\n- Sanitization: No input validation or filtering is applied to the content fetched from the web.
Audit Metadata