uapi-post-search-aggregate
Pass
Audited by Gen Agent Trust Hub on Jul 9, 2026
Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
- [DATA_EXFILTRATION]: The skill is configured to interact with the external domain
uapis.cnto retrieve search data. This is the primary documented function of the skill and represents legitimate communication with the service provider's infrastructure.\n- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes and interprets content from a search API which could contain adversarial instructions.\n - Ingestion points: Untrusted data enters the agent context via the output of the
POST /search/aggregatetool as described inreferences/operations/post-search-aggregate.md.\n - Boundary markers: The instructions do not define delimiters or provide 'ignore embedded instructions' warnings for the data ingested from the search service.\n
- Capability inventory: The skill's defined capabilities are limited to information retrieval; no high-risk capabilities such as arbitrary code execution or file system writes were identified.\n
- Sanitization: There is no documentation or implementation of sanitization, filtering, or validation of the search results before they are processed by the agent.
Audit Metadata