amazon-category-research

Pass

Audited by Gen Agent Trust Hub on May 16, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill ingests and processes untrusted product titles, prices, and review text scraped directly from Amazon category pages. This data is passed to multiple subagents for analysis without explicit sanitization or the use of boundary markers to distinguish between data and instructions.
  • Ingestion points: External data is collected via the mcp__playwright__browser_evaluate tool in Step 1.2 and 1.4 of SKILL.md.
  • Boundary markers: The analysis prompts in Phase 2 of SKILL.md do not utilize delimiters (like triple backticks or XML-style tags) or specific instructions for the LLM to ignore any command-like text within the scraped product data.
  • Capability inventory: The skill has the capability to write the resulting analysis into markdown reports and JSON data files within the local reports/ directory.
  • Sanitization: There is no evidence of string escaping or content validation performed on the scraped product data before it is interpolated into the analysis prompts.
Audit Metadata
Risk Level
SAFE
Analyzed
May 16, 2026, 04:21 AM
Security Audit — agent-trust-hub — amazon-category-research