tech-decision
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill coordinates several specialized agents to perform technical research. It uses the `codebase-explorer` agent to gain context from the current project and other tools to search documentation and community feedback. This behavior is consistent with its stated purpose as a decision-support tool.
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection because it ingests data from external sources like Reddit, Hacker News, and technical documentation via the `dev-scan` and `docs-researcher` tools. This is documented as a theoretical risk factor inherent to research-based AI workflows.
- Ingestion points: Data is collected from external technical communities and web-based documentation files.
- Boundary markers: The skill does not explicitly define delimiters or 'ignore' instructions for the data being ingested by research agents.
- Capability inventory: The workflow includes codebase reading capabilities and network-based research, but lacks direct execution or sensitive file exfiltration commands.
- Sanitization: No explicit sanitization or filtering of external content is specified in the skill's instructions.
Audit Metadata