research

Pass

Audited by Gen Agent Trust Hub on May 3, 2026

Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted data from web searches and user pastes, creating an indirect prompt injection surface.
    • Ingestion points: Web search results and fetched page content are processed by subagents, and users can provide research documents directly.
    • Boundary markers: The skill defines a structured output format and citation rules for data returned by subagents.
    • Capability inventory: The skill utilizes file read/write operations, shell commands (sed, mkdir), and subagent spawning.
    • Sanitization: A mandatory "Review before storing" step is implemented, requiring the main agent to validate information before saving it to the filesystem.
  • [COMMAND_EXECUTION]: The skill uses shell commands to manage its project-scoped data storage.
    • Evidence: Instructions involve sed for targeted content extraction from findings, mkdir for directory structure creation, and git rev-parse for resolving the project root.
    • Context: These commands are used for the intended purpose of maintaining the research store and operate within the project's local environment.
Audit Metadata
Risk Level: SAFE
Analyzed: May 3, 2026, 08:59 AM