Skills
skills/indranilbanerjee/digital-marketing-pro/entity-audit/Gen Agent Trust Hub

entity-audit

Pass

Audited by Gen Agent Trust Hub on Apr 1, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes data from untrusted external sources.
  • Ingestion points: Content is retrieved from Wikidata, Google Knowledge Panels, Wikipedia articles, and various industry directories (Steps 2, 3, 4, and 5).
  • Boundary markers: The instructions do not specify delimiters or warnings to treat this external content strictly as data rather than instructions.
  • Capability inventory: The agent uses the collected data to generate reports and action plans, and it executes a local script (geo-tracker.py) to record findings.
  • Sanitization: There is no mention of validation or sanitization of the content retrieved from public, user-editable platforms like Wikipedia or Wikidata.
  • [COMMAND_EXECUTION]: The skill executes a local script to persist audit results.
  • Evidence: Step 6 explicitly calls geo-tracker.py entity-check with multiple arguments derived from the audit process.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 1, 2026, 01:18 AM