gsp-brand-research

Pass

Audited by Gen Agent Trust Hub on Apr 11, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill uses the WebFetch tool to download content from competitor URLs discovered in the local .design/branding/{brand}/BRIEF.md file. This content is then provided as context to the research agent.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8c). Content fetched from external websites is inlined into the gsp-brand-researcher agent's prompt without visible sanitization or robust boundary markers. An attacker who controls a competitor website could embed malicious instructions to manipulate the research output or the agent's actions.
      • Ingestion points: Competitor websites are fetched via WebFetch in Step 2.5 and the resulting content is inlined into the agent prompt in Step 3.
      • Boundary markers: The skill does not define specific delimiters or instructions for the agent to ignore potential commands embedded in the fetched web content.
      • Capability inventory: The agent has access to Write and Bash tools, meaning an injection could potentially lead to unauthorized file modifications or command execution.
      • Sanitization: There is no evidence of content filtering or sanitization performed on the fetched external data before it is processed by the agent.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 11, 2026, 04:01 AM