research-analyst
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATION
Full Analysis
- [PROMPT_INJECTION]: The skill has a significant attack surface for indirect prompt injection. Ingestion points: Untrusted data enters the context via 'WebSearch', 'WebFetch', 'Read', 'Grep', and 'Glob' tools. Boundary markers: There are no explicit delimiters or instructions provided to the agent to disregard instructions found within the fetched content. Capability inventory: SKILL.md lists tools for reading files and accessing the network. Sanitization: No sanitization or validation of external content is specified.
- [EXTERNAL_DOWNLOADS]: The skill uses 'WebFetch' and 'WebSearch' to retrieve content from the internet. While necessary for research, this involves downloading data from potentially untrusted external sources.
- [DATA_EXFILTRATION]: Although no malicious exfiltration logic is detected, the skill's ability to read local files and perform web requests creates a functional surface where data could be moved externally.
Audit Metadata