research
Pass
Audited by Gen Agent Trust Hub on Jun 19, 2026
Risk Level: SAFE
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill is designed to ingest and process untrusted data from the web (web search results and documentation). It includes several mitigation strategies: it instructs the agent to 'distill' information into single lines of text ('caveman lines') to strip away potentially malicious prose, and it explicitly suggests spawning a sub-agent to ensure raw, untrusted pages do not enter the main conversation context. This isolation and distillation process follows security best practices for handling external data.
Audit Metadata