webmcp-testing

Pass

Audited by Gen Agent Trust Hub on Mar 19, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exposes a surface for indirect prompt injection by combining high-privilege tool access with external data ingestion.
  • Ingestion points: Untrusted data is ingested via the WebFetch and WebSearch tools as described in the agent testing workflows (SKILL.md).
  • Boundary markers: The skill does not implement or recommend delimiters or instructions to the agent to disregard commands embedded in the fetched external content.
  • Capability inventory: The skill permits the use of powerful tools including Bash, Write, and Edit, which could be exploited if the agent is manipulated (SKILL.md).
  • Sanitization: There is no evidence of sanitization or validation logic for data retrieved from external tools before it is processed by the AI agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 19, 2026, 07:32 AM
Security Audit — agent-trust-hub — webmcp-testing