competitor-intel
Pass
Audited by Gen Agent Trust Hub on Apr 15, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it ingests untrusted data from the web (competitor websites, blogs, and social media) without providing instructions for the agent to ignore or sanitize potential instructions embedded within that data.
- Ingestion points: External data is collected via web search, web fetch (arbitrary URLs), and Apify social scraping results (SKILL.md).
- Boundary markers: The skill instructions do not specify the use of delimiters or "ignore embedded instructions" warnings when processing the fetched content.
- Capability inventory: The skill utilizes web research tools. The security risk level is associated with the potential for instructions in the fetched data to influence the agent's behavior.
- Sanitization: No sanitization, escaping, or validation of the external content is mentioned before it is interpolated into the agent's context.
Audit Metadata