verified-infographic-generator

Pass

Audited by Gen Agent Trust Hub on Jun 21, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted data from web search results in Phase 2. A malicious website could contain instructions intended to influence the fact-verification process. However, this is mitigated by the mandatory user checkpoint in Phase 4 and the requirement for explicit quoted passages in Phase 3.\n
  • Ingestion points: User input (Phase 1) and external web content (Phase 2) referenced in SKILL.md and verification-report-template.md.\n
  • Boundary markers: The skill uses structured YAML and Markdown templates, but lacks explicit boundary instructions to ignore instructions found within external sources.\n
  • Capability inventory: Web search tools, file writing to 'docs/posters/', and image model invocation specified in SKILL.md.\n
  • Sanitization: The verification and classification logic in Phase 3 requires direct quotes and source URLs for all numeric claims, which serves as a validation layer.\n- [SAFE]: No remote code execution patterns, package installations, or dynamic script executions were detected. The skill uses standard image generation tools and follows a well-defined audit trail for file creation.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 21, 2026, 03:36 PM
Security Audit — agent-trust-hub — verified-infographic-generator