serp-analysis

Pass

Audited by Gen Agent Trust Hub on Jul 6, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted content from web search results, which represents an indirect prompt injection surface. This is mitigated through explicit security boundaries.
  • Ingestion points: Search engine result pages and web content fetched via connectors (SKILL.md).
  • Boundary markers: Present. The skill contains a specific 'Security boundary' section that warns the agent to treat fetched content as evidence and ignore any embedded instructions.
  • Capability inventory: Uses python3 to run connector scripts and WebFetch for page analysis.
  • Sanitization: The agent is instructed to flag owner overrides or prompt-like directives as inconsistency evidence instead of executing them.
  • [COMMAND_EXECUTION]: The skill provides instructions for executing local Python scripts (firecrawl.py and tavily.py) located within the platform's script directory to retrieve search data. These connectors target well-known services and are standard tools for search-related marketing tasks.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 6, 2026, 09:34 AM
Security Audit — agent-trust-hub — serp-analysis