research-content
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill uses allowed tools (WebSearch, WebFetch, Read, Grep, Glob) strictly for their intended purpose of researching topics and analyzing public repositories.
- [SAFE]: The provided reference files (sector-profiles.md and twitter-algorithm.md) contain purely informational text and do not include executable code or hidden instructions.
- [INDIRECT_PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it ingests untrusted data from the web and external GitHub repositories.
- Ingestion points: Data enters via WebSearch and WebFetch (SKILL.md, Step 2) and repo analysis via Read/Grep/Glob.
- Boundary markers: None identified; external content is processed as part of the research flow.
- Capability inventory: The skill is restricted to information gathering and brief generation. It lacks the ability to execute commands (exec/eval), write to the file system (other than standard output), or perform sensitive network operations.
- Sanitization: No explicit sanitization or filtering of external content is described, but the risk is mitigated by the lack of dangerous execution tools.
Audit Metadata