harvest-competitive
Pass
Audited by Gen Agent Trust Hub on Jun 22, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because it is instructed to ingest untrusted data from external URLs and process it with high-privilege tools.
- Ingestion points: The skill uses the
WebFetchtool to retrieve content from arbitrary, potentially attacker-controlled competitor websites. - Boundary markers: There are no explicit instructions or delimiters defined to isolate the fetched external content from the agent's core instructions.
- Capability inventory: The skill is granted access to powerful tools including
Bash(shell command execution),Write(file system modification), andWebFetch(network access), which could be leveraged if an attacker successfully injects instructions through a website. - Sanitization: The instructions do not specify any validation, sanitization, or filtering of the content retrieved from external sources before it is processed or used in subsequent steps.
Audit Metadata