Skills
skills/zubair-trabzada/ai-agency-claude/agency-quick/Gen Agent Trust Hub

agency-quick

Pass

Audited by Gen Agent Trust Hub on Apr 11, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection via external web content.
  • Ingestion points: The WebFetch command in SKILL.md ingests untrusted data from arbitrary URLs provided by the user.
  • Boundary markers: The skill does not implement boundary markers or specific instructions (e.g., "treat the following as data only") to prevent the agent from executing instructions found on the target webpage.
  • Capability inventory: The agent's capabilities are limited to data analysis and terminal output; no high-risk capabilities like file writing or subprocess execution are present.
  • Sanitization: There is no evidence of content filtering or sanitization applied to the retrieved webpage data before it is processed by the LLM.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 11, 2026, 04:29 PM