amazon-niche-finder
Pass
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill utilizes the
web_fetchtool to ingest content from Amazon product pages (BSR, reviews, ratings) to perform market analysis. This ingestion of untrusted external data presents a surface for indirect prompt injection, where an attacker could place malicious instructions in product metadata or reviews to influence the agent's logic. - Ingestion points: Amazon product pages accessed via
web_fetchandweb_search. - Boundary markers: Absent; there are no specific delimiters or safety instructions defined to isolate the fetched web content from the agent's primary instructions.
- Capability inventory: The skill uses
web_searchandweb_fetchto retrieve data and generates structured analysis reports. - Sanitization: There are no explicit instructions for the agent to sanitize or validate the integrity of the fetched web data before processing it.
Audit Metadata