sf-b2c-jobs

Pass

Audited by Gen Agent Trust Hub on Jun 29, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill instructions direct the agent to retrieve information using WebSearch and WebFetch to ensure it uses the latest documentation. This creates an indirect prompt injection attack surface where content from external, untrusted web sources could be ingested into the agent's context.
  • Ingestion points: Untrusted data enters the agent context through the use of WebSearch and WebFetch tools as specified in SKILL.md.
  • Boundary markers: The instructions do not include requirements for delimiters or specific warnings to ignore instructions embedded within the retrieved documentation.
  • Capability inventory: The skill allows the use of powerful tools including Bash, Write, and Edit as defined in the YAML frontmatter.
  • Sanitization: There are no procedures defined for the agent to sanitize or validate the content retrieved from external websites before it is processed.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 29, 2026, 02:51 PM
Security Audit — agent-trust-hub — sf-b2c-jobs