local-client-prospector
Pass
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: SAFE
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill inherently processes untrusted data from external business websites as part of its primary research workflow.
- Ingestion points: Browser research results from public business websites and social profiles (referenced in SKILL.md).
- Boundary markers: Not explicitly defined in the prompt instructions.
- Capability inventory: Uses integrated browser tool for discovery and classification; generates CSV files or chat tables.
- Sanitization: No specific sanitization logic is provided for external web content.
- [SAFE]: The skill explicitly defines 'Compliance Guardrails' that instruct the agent to avoid bypassing security measures (CAPTCHAs, paywalls), respect privacy (avoiding personal emails), and avoid bulk scraping, which aligns with safety best practices.
- [SAFE]: No hardcoded credentials, sensitive file access, or suspicious network operations beyond the intended browser-based research were detected.
Audit Metadata