research-spike
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFE
Full Analysis
- PROMPT_INJECTION (SAFE): No patterns of instruction override, jailbreak, or system prompt extraction were detected. The instructions are focused on defining a research workflow.
- DATA_EXFILTRATION (SAFE): No hardcoded credentials or access to sensitive system paths were identified. The skill's data operations are limited to research documentation.
- REMOTE_CODE_EXECUTION (SAFE): The skill does not perform external package installations or execute remote scripts.
- Indirect Prompt Injection (LOW): The skill processes untrusted data during its information-gathering phase. 1. Ingestion points: Web search for documentation and tutorials, and codebase exploration (SKILL.md). 2. Boundary markers: Absent in the prompt instructions. 3. Capability inventory: Web search and file system writes (to the 'research/' directory). 4. Sanitization: Employs an 'Anti-Hallucination Protocol' and 'Quality Gates' that require verification against sources, reducing but not eliminating the risk from adversarial content.
Audit Metadata