tw-research-grant-writer
Pass
Audited by Gen Agent Trust Hub on May 1, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: No override instructions, safety bypasses, or system prompt extraction patterns were detected. The instructions follow a professional academic tone.
- [DATA_EXFILTRATION]: No evidence of hardcoded credentials, sensitive file access (e.g., SSH keys, AWS configs), or exfiltration of researcher data to external servers. Use of the 'Write' tool is restricted to saving local Markdown drafts as described in the workflow.
- [COMMAND_EXECUTION]: While 'Bash' is listed in 'allowed-tools', the skill instructions do not invoke any shell commands for system modification, persistence, or privilege escalation. It primarily guides the AI in content generation.
- [EXTERNAL_DOWNLOADS]: The skill does not download or execute remote scripts or binary payloads. It utilizes a 'WebSearch' tool to find legitimate academic literature, which is consistent with its stated purpose.
- [REMOTE_CODE_EXECUTION]: No patterns of dynamic code execution (e.g., eval, exec) or remote code fetching were identified.
- [OBFUSCATION]: No Base64, hex encoding, zero-width characters, or hidden text patterns were found in any of the files.
- [INDIRECT_PROMPT_INJECTION]: The skill ingests external data via 'WebSearch' in Step 3 to find relevant research. While there are no explicit boundary markers to delimit this untrusted content, the impact is minimal as it is used for drafting prose rather than executing logic. Severity is assessed as SAFE given the context.