wikipedia-research

Pass

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: SAFE
Findings: PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill invokes a Python script using the environment variable WIKIPEDIA_MCP_SCRIPT. This is a standard pattern for MCP (Model Context Protocol) integrations and is considered intended behavior for this skill type.
  • [PROMPT_INJECTION]: The skill processes data from Wikipedia, which is an untrusted, publicly editable source. This creates an indirect prompt injection surface where malicious instructions placed on a Wikipedia page could theoretically influence the agent's behavior during the research process.
  • Ingestion points: Page content and summaries are retrieved via the get_content and get_summary tools in SKILL.md.
  • Boundary markers: The instructions do not define explicit boundary markers or delimiters for the fetched Wikipedia content.
  • Capability inventory: The skill uses python3 to execute commands via the $MCP_CALL utility.
  • Sanitization: No evidence of input/output sanitization or instruction-filtering is provided in the skill definition.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 18, 2026, 06:12 AM