breach-patterns
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is a documentation-only resource that provides educational patterns for security audits based on public breach disclosures. It does not contain any executable scripts, obfuscated code, or hidden malicious instructions.
- [INDIRECT_PROMPT_INJECTION]: The skill defines an attack surface for indirect prompt injection through the use of web-retrieval tools.
- Ingestion points: The skill encourages the use of
WebSearchandWebFetchto ingest content from external security blogs, post-mortems, and news sites. - Boundary markers: There are no explicit instructions for the agent to use delimiters or ignore embedded instructions when processing data fetched from external URLs.
- Capability inventory: The agent has access to
Bash,Read,Grep,Glob,WebSearch, andWebFetchtools. - Sanitization: The instructions do not specify any validation or sanitization steps for content retrieved from external sources before it is processed by the agent.
Audit Metadata