munger-perspective
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through its data ingestion workflow.
- Ingestion points: The workflow in SKILL.md requires the agent to use web search tools to gather current information from external sources.
- Boundary markers: The instructions do not specify the use of delimiters or clear separation between the agent's instructions and the untrusted data fetched from the web.
- Capability inventory: The agent has the capability to perform network requests via search tools and then use that information to generate complex, opinionated responses.
- Sanitization: There are no measures provided to sanitize or validate the content retrieved from the internet before it is processed by the model.
Audit Metadata