funding-search
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it ingests data from external websites.
  - Ingestion points: Untrusted data enters the agent's context through web content retrieved via web_fetch from search results and external funding portals (SKILL.md).
  - Boundary markers: Absent. The instructions do not provide delimiters or warnings to ignore potential instructions embedded within the fetched HTML or text.
  - Capability inventory: The skill's capabilities are limited to performing web searches, fetching web content, and writing output to local markdown files. It does not possess system-level command execution or shell access.
  - Sanitization: Absent. There is no evidence of filtering or validation of the external content before it is parsed for grant details.
- [EXTERNAL_DOWNLOADS]: The skill initiates network operations to retrieve data from external sources.
  - It performs numerous web searches and fetches content from a variety of domains, including official government sites like nsf.gov and grants.gov, as well as several established philanthropic foundations. These network calls are essential for identifying new funding announcements.