refresh
Pass
Audited by Gen Agent Trust Hub on May 7, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [SAFE]: The skill defines a standard professional workflow for regulatory compliance. It provides clear instructions for using browser tools to access legitimate business registries, sanctions lists, and reputable news sources.
- [PROMPT_INJECTION]: The skill has an inherent surface for indirect prompt injection as it requires the agent to read and process content from external web sources. This is a characteristic of the primary task (web-based due diligence). Ingestion points: Web search results and business registry data retrieved during Step 2. Boundary markers: None specified. Capability inventory: The agent uses browser tools for data collection and reporting tools for output generation. Sanitization: No explicit content sanitization or validation protocols are mentioned for the external data.
- [NO_CODE]: This skill contains instructional documentation and regulatory references without any executable scripts or binary files.
Audit Metadata