naval-perspective
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The instructions mandate a strict persona role-play, directing the agent to respond as 'Naval', maintain character continuity, and avoid providing meta-analysis or jumping out of the role unless explicitly prompted to exit.
- [PROMPT_INJECTION]: The skill is subject to indirect prompt injection risks because it utilizes web search tools to incorporate external, untrusted content into the agent's reasoning process.
- Ingestion points: External data is introduced into the session context through web searches performed in the 'Step 2: Naval-style Research' workflow defined in
SKILL.md. - Boundary markers: The skill does not employ specific delimiters or 'ignore' instructions to separate retrieved web data from the primary agent instructions, allowing potentially malicious content from external websites to influence behavior.
- Capability inventory: The skill leverages web search tools and the agent's core generative capabilities across all scripts.
- Sanitization: No sanitization, filtering, or validation mechanisms are implemented for the information retrieved from external URLs before it is processed by the model.
Audit Metadata