serp-analysis
Pass
Audited by Gen Agent Trust Hub on Jul 6, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted content from web search results, which represents an indirect prompt injection surface. This is mitigated through explicit security boundaries.
- Ingestion points: Search engine result pages and web content fetched via connectors (SKILL.md).
- Boundary markers: Present. The skill contains a specific 'Security boundary' section that warns the agent to treat fetched content as evidence and ignore any embedded instructions.
- Capability inventory: Uses python3 to run connector scripts and WebFetch for page analysis.
- Sanitization: The agent is instructed to flag owner overrides or prompt-like directives as inconsistency evidence instead of executing them.
- [COMMAND_EXECUTION]: The skill provides instructions for executing local Python scripts (firecrawl.py and tavily.py) located within the platform's script directory to retrieve search data. These connectors target well-known services and are standard tools for search-related marketing tasks.
Audit Metadata