Skills
skills/fw1201/tw-research-skills/tw-research-synchronizer/Gen Agent Trust Hub

tw-research-synchronizer

Pass

Audited by Gen Agent Trust Hub on May 1, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill functions as a questionnaire that stores user responses in a configuration file used as context for other skills. This creates an attack surface for indirect prompt injection if a user provides malicious instructions instead of research data.
  • Ingestion points: User responses to survey questions Q1-Q18 in SKILL.md.
  • Boundary markers: The generated 'researcher-profile.md' does not employ delimiters or 'ignore instructions' markers to isolate user-provided data.
  • Capability inventory: The skill uses 'Bash', 'Read', and 'Write' for local file system operations and a 'Notion' tool for data backup.
  • Sanitization: No input validation or character escaping is applied to user responses before they are written to the configuration file.
Audit Metadata
Risk Level
SAFE
Analyzed
May 1, 2026, 12:51 PM