amazon-niche-finder

Pass

Audited by Gen Agent Trust Hub on May 16, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill utilizes the web_fetch tool to ingest content from Amazon product pages (BSR, reviews, ratings) to perform market analysis. This ingestion of untrusted external data presents a surface for indirect prompt injection, where an attacker could place malicious instructions in product metadata or reviews to influence the agent's logic.
  • Ingestion points: Amazon product pages accessed via web_fetch and web_search.
  • Boundary markers: Absent; there are no specific delimiters or safety instructions defined to isolate the fetched web content from the agent's primary instructions.
  • Capability inventory: The skill uses web_search and web_fetch to retrieve data and generates structured analysis reports.
  • Sanitization: There are no explicit instructions for the agent to sanitize or validate the integrity of the fetched web data before processing it.
Audit Metadata
Risk Level
SAFE
Analyzed
May 16, 2026, 04:21 AM
Security Audit — agent-trust-hub — amazon-niche-finder