short-form-research

Pass

Audited by Gen Agent Trust Hub on May 14, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill contains a vulnerability surface for indirect prompt injection due to its core function of processing untrusted web content.
  • Ingestion points: Untrusted content, including video captions, verbal opening lines, and text overlays, is ingested by agents/platform-scout-agent.md using the WebFetch tool.
  • Boundary markers: Absent. The instructions do not define clear boundaries or provide explicit directives for the agent to ignore potentially malicious instructions embedded in the fetched data.
  • Capability inventory: According to the SKILL.md manifest, the agent environment has access to powerful tools including Bash, Write, WebSearch, and WebFetch.
  • Sanitization: Although agents/critic-agent.md enforces a quality gate for citations and sample sizes, there is no evidence of sanitization or filtering logic designed to mitigate the execution of instructions contained within the analyzed web content.
Audit Metadata
Risk Level
SAFE
Analyzed
May 14, 2026, 04:04 PM
Security Audit — agent-trust-hub — short-form-research