website-audit
Pass
Audited by Gen Agent Trust Hub on Apr 18, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits surface area for indirect prompt injection as it is designed to ingest and process arbitrary content from external URLs.
- Ingestion points: Website content is systematically fetched during Phase 2 as described in SKILL.md.
- Boundary markers: There are no instructions to use delimiters or ignore embedded instructions when the agent processes the fetched content for the audit report.
- Capability inventory: The skill possesses the ability to write to the file system at /mnt/user-data/outputs/ and request user input via the ask_user_input_v0 tool.
- Sanitization: The instructions do not specify any sanitization, filtering, or validation of the fetched website content before it is processed by the agent.
Audit Metadata