tooluniverse-product-safety-surveillance
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues or malicious patterns were identified. The skill is limited to performing structured searches on a verified and trusted government API.
- [INDIRECT_PROMPT_INJECTION]: The skill possesses a standard vulnerability surface for indirect prompt injection because it retrieves and interprets unvalidated narratives and reports from an external source (openFDA). This is an inherent property of any tool that processes third-party data.
- Ingestion points: Data retrieved from the openFDA API via the
OpenFDA_search_*tools (e.g., medical device narratives, food reaction descriptions). - Boundary markers: Absent. The skill does not explicitly instruct the agent to use delimiters or ignore instructions found within the retrieved data.
- Capability inventory: The skill uses platform-provided tools for network-based API searching. No direct shell access or file-writing capabilities were detected.
- Sanitization: No validation or sanitization is performed on the raw text fields returned by the API.
Audit Metadata