skills/hjewkes/agent-skills/research/Gen Agent Trust Hub

research

Pass

Audited by Gen Agent Trust Hub on Feb 18, 2026

Risk Level: SAFE
Full Analysis
  • [Prompt Injection] (SAFE): No override, bypass, or 'ignore previous instruction' patterns were detected. The language is purely instructional for the research process.
  • [Indirect Prompt Injection] (LOW): The skill describes a workflow that ingests untrusted data from the web (WebSearch, WebFetch). While this creates an attack surface for indirect prompt injection, it is an inherent risk of research tasks, and no specific vulnerabilities or exploitation patterns are present in the skill description.
      • Ingestion points: WebSearch and WebFetch tools mentioned in Step 2 (Gather).
      • Boundary markers: None specified in the markdown instructions.
      • Capability inventory: Reading files, grepping code, and web searching.
      • Sanitization: Not explicitly mentioned in the process steps.
  • [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials, sensitive file paths, or network exfiltration commands were found. The mention of reading files and web searching is consistent with the skill's primary purpose.
  • [Remote Code Execution] (SAFE): There are no commands or patterns for downloading or executing remote scripts (e.g., curl | bash).
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 18, 2026, 06:49 PM