skills/ndpvt-web/arxiv-claude-skills/deepimagesearch-benchmarking-multimodal-agents/Gen Agent Trust Hub
deepimagesearch-benchmarking-multimodal-agents
Pass
Audited by Gen Agent Trust Hub on Jun 20, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill instructions create a surface for indirect prompt injection by processing untrusted data with capable tools.
- Ingestion points: The agent is instructed to use
WebSearchto fetch information from the public internet andViewPhotosto inspect visual content and metadata from potentially untrusted image libraries. - Boundary markers: The workflow lacks instructions for using delimiters or "ignore embedded instructions" warnings when handling this external data, increasing the risk that instructions embedded in web pages or metadata could be obeyed.
- Capability inventory: The skill defines tools with network access (
WebSearch) and the ability to view/read local files (ViewPhotos,GetMetadata). - Sanitization: No sanitization, validation, or filtering of external content is described before the data is interpolated into reasoning chains.
Audit Metadata