research-content-router
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill defines a workflow for processing external data from internet searches and user documents. This creates an 'Indirect Prompt Injection' surface where malicious instructions embedded in web content could potentially influence the agent's output. However, the instructions themselves contain no malicious bypasses.
- Ingestion points: SKILL.md (Stage 1: Research) specifies the use of internet search and private domain data.
- Boundary markers: None specified in the instructions to separate external data from system instructions.
- Capability inventory: The skill is limited to content synthesis and delivery within the agent's standard interface; no dangerous shell or system capabilities are invoked.
- Sanitization: No explicit sanitization or validation of external source content is mentioned.
- [SAFE]: No evidence of hardcoded credentials, remote code execution, or data exfiltration was found. The skill is purely instructional and does not include scripts or binaries.