amazon-category-research
Pass
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill ingests and processes untrusted product titles, prices, and review text scraped directly from Amazon category pages. This data is passed to multiple subagents for analysis without explicit sanitization or the use of boundary markers to distinguish between data and instructions.
- Ingestion points: External data is collected via the
mcp__playwright__browser_evaluatetool in Step 1.2 and 1.4 ofSKILL.md. - Boundary markers: The analysis prompts in Phase 2 of
SKILL.mddo not utilize delimiters (like triple backticks or XML-style tags) or specific instructions for the LLM to ignore any command-like text within the scraped product data. - Capability inventory: The skill has the capability to write the resulting analysis into markdown reports and JSON data files within the local
reports/directory. - Sanitization: There is no evidence of string escaping or content validation performed on the scraped product data before it is interpolated into the analysis prompts.
Audit Metadata