institutional-research-outline
Pass
Audited by Gen Agent Trust Hub on Jun 29, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill incorporates external data from web searches and fetched web pages into its analysis and report generation process. This creates a surface for indirect prompt injection where malicious instructions in third-party content (such as news articles or research records) could potentially manipulate the generated output.
- Ingestion points: Data retrieved via
web_searchandweb_fetch(e.g., historical research records, news, and industry dynamics) as described in Step 1.3 and Step 4.1 ofSKILL.md. - Boundary markers: The instructions do not specify the use of clear delimiters or "ignore" instructions when processing the fetched content.
- Capability inventory: The skill's primary function is text generation and display; it lacks dangerous capabilities like arbitrary shell execution or file system writing.
- Sanitization: There are no documented steps for sanitizing or filtering the fetched external content before it is processed by the model.
Audit Metadata