plan-hiking-tour
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection because it uses WebSearch and WebFetch to gather information about trails from the public internet. Malicious instructions placed on third-party websites could potentially influence the agent's logic or the contents of the generated hiking plan. \n
- Ingestion points: External trail descriptions are ingested in 'Step 2: Select Trail Candidates' using WebSearch and WebFetch. \n
- Boundary markers: The procedure lacks explicit boundary markers or instructions for the agent to ignore any commands found within the retrieved trail data. \n
- Capability inventory: The skill's capabilities are restricted to information gathering (Read, Grep, Glob, WebFetch, WebSearch) and it does not have the ability to execute arbitrary code or write to the file system. \n
- Sanitization: There is no mechanism described for sanitizing or filtering the content fetched from external websites before it is processed.
Audit Metadata