research-workflow

Pass

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: SAFE
Findings: PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill retrieves and processes untrusted research content from community and academic platforms, creating a surface for indirect prompt injection.
  • Ingestion points: Data enters the agent context via scry.entities and OpenAlex queries in SKILL.md and references/workflow-templates.md.
  • Boundary markers: The skill includes an explicit instruction to treat all retrieved corpus text as untrusted and to ignore instructions found inside payloads.
  • Capability inventory: The skill performs network requests via curl and executes complex SQL queries through a managed API.
  • Sanitization: The documentation specifies server-side secret redaction for shares and enforces filtering of 'dangerous' content risk levels.
  • [COMMAND_EXECUTION]: The skill uses curl to interact with the ExoPriors API endpoints for search, embedding, and reranking. All endpoints are hosted on vendor-owned infrastructure at api.exopriors.com.
  • [EXTERNAL_DOWNLOADS]: The skill fetches research corpus data and academic metadata from external sources including LessWrong, HackerNews, and OpenAlex via the vendor API.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 28, 2026, 08:32 AM