ads-quick
Pass
Audited by Gen Agent Trust Hub on Apr 20, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by processing untrusted data from the web.\n
- Ingestion points: Data enters the context via WebFetch (Step 1) and WebSearch (Step 5) in SKILL.md.\n
- Boundary markers: Instructions lack specific delimiters or markers to isolate untrusted web content from agent instructions.\n
- Capability inventory: The skill is restricted to terminal output only and has no capabilities for file system modification, command execution, or arbitrary network requests across SKILL.md.\n
- Sanitization: No sanitization or filtering is applied to the retrieved web content.
Audit Metadata