israeli-product-price-comparator
Pass
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill consists of legitimate instructions for assisting users with product price comparisons in Israel. It references well-known and reputable Israeli retailers (such as Zap, KSP, and iDigital) and government resources for customs information.
- [INDIRECT_PROMPT_INJECTION]: The skill contains an indirect prompt injection surface because its primary function involves fetching and processing data from external websites.
- Ingestion points: Data is ingested from third-party price comparison sites and retailer web pages (e.g., zap.co.il, ksp.co.il) using the
WebFetchtool. - Boundary markers: The instructions do not specify the use of delimiters or provide explicit warnings to the agent to ignore potential instructions embedded within the external HTML or product descriptions.
- Capability inventory: The skill environment permits the use of
Bash(node:*),Bash(python:*), andWebFetch, which could potentially be abused if an attacker successfully injects commands into a product page being scanned. - Sanitization: No specific sanitization or validation logic is defined for the content retrieved from external sources before it is interpreted by the agent.
Audit Metadata