customer-research
Pass
Audited by Gen Agent Trust Hub on May 10, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface due to its primary function of ingesting and analyzing untrusted content from external web platforms. \n
- Ingestion points: Data is retrieved from Reddit, YouTube, X/Twitter, and various review sites (G2, Capterra) using tools such as
web_scrape_page,scrape_reddit, andyoutube_comments_search(SKILL.md, references/source-playbooks.md). \n - Boundary markers: There are no explicit instructions or delimiters defined to prevent the agent from following instructions embedded in the scraped data. \n
- Capability inventory: The retrieved data is processed through synthesis templates to create reports and personas (references/synthesis-templates.md). No high-risk tools like arbitrary shell execution are used to process this untrusted data. \n
- Sanitization: No sanitization of the scraped data is mentioned or implemented before the synthesis phase. \n- [COMMAND_EXECUTION]: The skill executes various platform-specific research and scraping tools such as
scrape_reddit,search_tweets, andyoutube_top_videosto gather qualitative data (SKILL.md). \n- [EXTERNAL_DOWNLOADS]: The skill facilitates data retrieval from well-known social media and technology review services (Reddit, X, YouTube, TikTok, G2, etc.), which is consistent with the primary use case of customer research.
Audit Metadata