sage
Pass
Audited by Gen Agent Trust Hub on Jun 12, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because it ingests untrusted data from external websites and documentation sources. \n
- Ingestion points: Data enters the agent's context through the
mcp__g__scrape_page,mcp__g__search_and_scrape, andmcp__c7__query-docstools described inSKILL.md. \n - Boundary markers: The instructions do not define delimiters or specific warnings to ignore instructions found within the retrieved data. \n
- Capability inventory: The skill provides capabilities for documentation lookup, web search, and academic research. \n
- Sanitization: There is no explicit sanitization of the retrieved external content before it is processed by the agent. \n- [EXTERNAL_DOWNLOADS]: The skill is designed to retrieve content from external sources. \n
- It utilizes the Context7 (c7) MCP server to resolve library IDs and query official documentation. \n
- It utilizes the Google (g) MCP server for broader web research, including page scraping, news searches, and academic citations. \n
- These network operations are intended behaviors for a research-oriented skill using well-known services.
Audit Metadata