autoresearch
Fail
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: HIGH (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to create and run a shell script (`autoresearch.sh`), which enables arbitrary command execution within the environment based on the agent's defined goals.
- [COMMAND_EXECUTION]: The cleanup process uses `git clean -fd` and `git checkout -- .`, which are destructive commands that delete uncommitted work and untracked files without confirmation.
- [PROMPT_INJECTION]: The skill contains instructions to 'LOOP FOREVER' and 'NEVER STOP', which are behavioral overrides that could lead to unintended persistence and resource exhaustion.
Recommendations
- AI detected serious security threats
Audit Metadata