researchers-verifier
Pass
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection as it processes untrusted data from external sources. Ingestion points: The skill retrieves content from external URLs via 'WebFetch' and 'WebSearch', and reads local files using 'Read', 'Grep', and 'Glob'. Boundary markers: The instructions do not specify any delimiters or safety warnings to distinguish between content and instructions in the fetched data. Capability inventory: The skill is granted 'Write' and 'Edit' access to the file system and 'WebFetch' network access. Sanitization: There is no evidence of input validation or content sanitization being performed on retrieved data.
Audit Metadata