Skills
skills/buddyh/agent-skills/deep-dive/Gen Agent Trust Hub

deep-dive

Pass

Audited by Gen Agent Trust Hub on Mar 24, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted external data which creates a surface for indirect prompt injection attacks.
  • Ingestion points: Phase 2 research agents retrieve content from external websites via the WebFetch tool.
  • Boundary markers: The prompt instructions use standard Markdown headers for structure but do not implement explicit delimiters or 'ignore embedded instructions' warnings for the data retrieved from the web.
  • Capability inventory: The skill utilizes the Agent tool for parallel execution, Bash for shell access, and Write for file system persistence in Phase 5.
  • Sanitization: No sanitization, validation, or escaping of fetched web content is performed before it is synthesized into the final report.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 24, 2026, 02:26 AM