Skills
skills/gooseworks-ai/goose-skills/icp-website-review/Gen Agent Trust Hub

icp-website-review

Pass

Audited by Gen Agent Trust Hub on May 5, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [INDIRECT_PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes untrusted data from external websites.
  • Ingestion points: Website content fetched via WebFetch and search results from WebSearch as described in SKILL.md (Step 2: Crawl Target Pages).
  • Boundary markers: The instructions do not explicitly provide delimiters or warnings to the agent to ignore any natural language instructions found within the fetched website content.
  • Capability inventory: The skill has the ability to read local files (personas.json), search the web, fetch web pages, and write results to the local filesystem (clients/<client-name>/icp-reviews/).
  • Sanitization: There is no explicit sanitization or filtering of the fetched content before it is used to prompt the persona reactions.
Audit Metadata
Risk Level
SAFE
Analyzed
May 5, 2026, 12:10 PM
Security Audit — agent-trust-hub — icp-website-review