research-web
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE PROMPT_INJECTION NO_CODE
Full Analysis
- [PROMPT_INJECTION] (LOW): Indirect Prompt Injection Surface.
  - Ingestion points: Phase 2 instructions guide the agent to fetch and read content from external documentation sites, GitHub repositories, and community resources.
  - Boundary markers: Absent. No specific instructions are provided to the agent to treat external content as untrusted or to use delimiters.
  - Capability inventory: The skill assumes the agent has capabilities for web searching and file-writing to the local filesystem (e.g., /tmp/research-web-...).
  - Sanitization: Absent. Content is processed and synthesized into a research log without validation or escaping.
- [NO_CODE] (SAFE): No executable code detected. The skill consists solely of markdown instructions for the AI agent, which reduces direct risks related to malicious scripts or binaries.