search
Pass
Audited by Gen Agent Trust Hub on May 10, 2026
Risk Level: SAFE
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill ingests untrusted data from the public web via multiple search and fetch tools, which represents an attack surface for indirect prompt injection. However, it lacks exploitable capabilities such as file system writes or code execution, and includes explicit instructions for the agent to synthesize findings and provide citations rather than directly outputting raw data. 1) Ingestion points: WebSearch, WebFetch, and various MCP search tools. 2) Boundary markers: Instructions to synthesize results and provide source citations. 3) Capability inventory: No subprocess calls, eval/exec functions, or file-writing capabilities detected. 4) Sanitization: None explicit.
- [SAFE]: No sensitive file access, credential exposure, or unauthorized network operations beyond the intended search functionality were detected.
- [SAFE]: The skill does not perform any dynamic code execution or download external scripts.
- [SAFE]: Metadata and instructions are consistent with the primary purpose of information retrieval.
Audit Metadata