extract
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [PROMPT_INJECTION]: No direct prompt injection or safety bypass instructions were found within the skill files.
- [DATA_EXFILTRATION]: No network operations, hardcoded credentials, or sensitive file access patterns were detected.
- [REMOTE_CODE_EXECUTION]: The skill does not perform any remote script downloads or external package installations.
- [COMMAND_EXECUTION]: No operating system commands, shell scripts, or subprocess executions are present.
- [NO_CODE]: The skill consists entirely of markdown instructions and YAML configuration for an AI agent, with no functional code attached.
- [SAFE]: The workflow describes standard logic for document analysis and local file organization.
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection as it processes external research documents. Evidence: 1. Ingestion points: Reads 'specified research documents' as per the 'Document Structure Analysis' step in SKILL.md. 2. Boundary markers: No explicit delimiters or instructions to ignore embedded commands are provided. 3. Capability inventory: The skill instructs the agent to write files to a 'research_frameworks/' directory. 4. Sanitization: No content filtering or validation of the input document is mentioned.
Audit Metadata