starling-watch
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFE
PROMPT_INJECTION, NO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill is designed to ingest and analyze untrusted data from external web searches (Phase 2: SENSE), which introduces a surface for indirect prompt injection.
  - Ingestion points: Web search results from community forums, blogs, and social media platforms (SKILL.md).
  - Boundary markers: Absent. There are no specific instructions provided to the agent to treat external content strictly as data or to ignore any instructions embedded within that data.
  - Capability inventory: No executable scripts or functions are included in this skill file (SKILL.md).
  - Sanitization: Absent. The skill does not specify any methods for filtering or sanitizing external content before processing.
- [NO_CODE]: The skill consists exclusively of markdown instructions and does not contain any executable code, scripts, or binary files, which limits the potential for direct malicious actions like command execution or file system access.