agency-client-audit

Pass

Audited by Gen Agent Trust Hub on Jul 2, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill fetches public data and technical metadata from company websites and well-known services (such as GitHub, Cloudflare, and Google) to conduct research. These operations are transparent, cite their sources, and are core to the skill's auditing functionality.
  • [COMMAND_EXECUTION]: Provides templates for curl commands to perform technical SEO and infrastructure diagnostics. These commands are localized to the audit task and target public web endpoints for data retrieval only.
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface because it processes untrusted data from the web during its discovery phase. This is inherent to the skill's primary research purpose, and the instructions prioritize synthesizing this data into reports rather than executing code based on it.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 2, 2026, 04:40 PM
Security Audit — agent-trust-hub — agency-client-audit