research-paper
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFENO_CODECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [NO_CODE]: The skill consists entirely of markdown instructions and reference files without any executable scripts or binary files.
- [COMMAND_EXECUTION]: The instructions direct the agent to execute shell commands (e.g.,
npx tsc) for code validation. These commands are intended to be user-defined within local project configuration files. - [EXTERNAL_DOWNLOADS]: The skill uses web search tools to fetch research data from external websites and publications to inform the content generation process.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through its ingestion of untrusted data from web search results.
- Ingestion points: Data enters the context via
WebSearchand local mode files. - Boundary markers: None identified to isolate external data from instructions.
- Capability inventory: The agent can perform file system writes and execute subprocess commands.
- Sanitization: No explicit sanitization of web content is described.
Audit Metadata