lead-research-assistant
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE]: No malicious behavior or instructions were identified. The skill's activities are consistent with its documented purpose.
- [NO_CODE]: The skill does not include any executable scripts or software dependencies, minimizing the technical risk.
- [DATA_EXFILTRATION]: The codebase analysis feature is a core functionality intended for context gathering and does not involve instructions to exfiltrate sensitive files or credentials.
- [PROMPT_INJECTION]: The skill processes external codebase content and search results, which is a surface for indirect prompt injection. Ingestion points: local repository files and search tool outputs. Boundary markers: Absent. Capability inventory: Read access to local files and search capabilities. Sanitization: Not specified. The risk is considered low as the skill lacks high-privilege capabilities such as arbitrary command execution.
Audit Metadata