Skills
skills/entireio/skills/search/Gen Agent Trust Hub

search

Pass

Audited by Gen Agent Trust Hub on Apr 30, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes data from external sources, specifically historical checkpoints and transcripts, using the entire search and entire explain commands.
  • Ingestion points: Data is pulled into the agent context via the output of shell commands in SKILL.md (e.g., entire search and entire explain).
  • Boundary markers: There are no explicit delimiters or instructions provided to the agent to treat the retrieved content as untrusted data or to ignore embedded instructions within that content.
  • Capability inventory: The skill allows the execution of subprocesses (entire search, entire explain, and potentially entire login).
  • Sanitization: No sanitization or validation of the retrieved content is performed before the agent reviews and summarizes the results for the user.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 30, 2026, 11:32 PM