recency-guard
Pass
Audited by Gen Agent Trust Hub on May 9, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill is a legitimate tool for fact-checking and does not contain malicious code, obfuscation, or unauthorized data access patterns. Its design promotes accuracy and evidence-based reasoning.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface due to its reliance on web-capable subagents for factual verification. This is a common attack vector for systems that retrieve external data.
- Ingestion points: External web content enters the workflow during the search phases of
subagents/recency-checker.mdandsubagents/claim-verifier.md. - Boundary markers: The instructions lack explicit structural delimiters (e.g., XML tags) for isolating search content from processing instructions.
- Capability inventory: The orchestrator uses subagent tools to perform verification and integrates results to modify the final response.
- Sanitization: The skill mitigates risks through a source-quality hierarchy and targeted extraction of factual claims, which filters out most non-relevant external data.
Audit Metadata