geo-citability
Pass
Audited by Gen Agent Trust Hub on Mar 21, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests untrusted content from external URLs for analysis without explicit boundary markers. \n
- Ingestion points: The skill utilizes the WebFetch tool to retrieve content from external URLs in Step 1 of the Analysis Procedure (SKILL.md). \n
- Boundary markers: The instructions do not define delimiters or specific constraints to prevent the agent from following instructions embedded within the fetched content. \n
- Capability inventory: The skill's environment allows the use of Bash, Write, and WebFetch tools. \n
- Sanitization: No explicit sanitization or filtering of external content is described before it is processed for scoring and rewrite suggestions. \n- [SAFE]: No malicious obfuscation, hardcoded credentials, unauthorized persistence mechanisms, or dangerous command execution patterns were identified. The references to research and well-known services like Cloudflare and HubSpot are used for illustrative and analytical purposes.
Audit Metadata