researching
Pass
Audited by Gen Agent Trust Hub on Mar 30, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill follows a well-defined process for codebase research, including establishing user preferences and autonomy levels upfront.
- [SAFE]: Data handling is restricted to reading codebase files and writing research documentation to a local directory (
thoughts/). No evidence of unauthorized network transmission or secret exfiltration was found. - [SAFE]: The skill uses internal sub-agents (e.g.,
codebase-locator,codebase-analyzer) and thecontext7MCP for documentation fetching, which are standard components of the vendor's ecosystem. - [SAFE]: Indirect prompt injection risk is minimal and inherent to the tool's purpose of reading codebase files; the instructions emphasize documenting existing state rather than executing code or evaluating suggestions.
Audit Metadata