competitive-pricing-intel
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill's core functionality relies on gather public information via fetch_webpage and web_search. This behavior is consistent with the stated purpose of competitive pricing intelligence.\n- [PROMPT_INJECTION]: The skill processes data from external, untrusted sources such as competitor websites and community forums. While this creates a surface for indirect prompt injection, it is an inherent risk of the skill's intended analytical function and is evaluated as safe in this context.\n
- Ingestion points: Competitor pricing URLs, Web Archive snapshots, and search results from Reddit or blogs in SKILL.md.\n
- Boundary markers: No markers or instructions are provided to the agent to distinguish between the fetched data and its own instructions.\n
- Capability inventory: The skill utilizes fetch_webpage, web_search, and local file writing for outputting reports.\n
- Sanitization: There is no evidence of input validation or sanitization for the content retrieved from external sources.
Audit Metadata