research
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFE
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill's primary function is to research external web sources and code repositories, which creates a surface for indirect prompt injection. The skill mitigates this risk by enforcing structured evidence capture and providing a validation checklist for the agent to verify findings against primary sources.
- Ingestion points: Ingests content from the web and remote repositories in
Step 3: Research + Evidence Capture. - Boundary markers: Uses standardized evidence file templates and markdown code blocks to delimit external content.
- Capability inventory: Local script execution via
bun(scripts/generate-catalogue.ts), file system modification (scripts/normalize-reports.ts), and agent-controlled web search. - Sanitization: Synthesis steps require the orchestrator to resolve conflicts and verify evidence before writing final reports.
- [UNVERIFIABLE_DEPENDENCIES_AND_REMOTE_CODE_EXECUTION]: The skill executes local TypeScript scripts using the
bunruntime and depends on the standardgray-matterpackage for parsing metadata. It also facilitates cloning of official or specified repositories for codebase research. - Evidence: Scripts are located in the
scripts/directory and managed viapackage.json. Git operations are documented inreferences/source-code-research.md. - [COMMAND_EXECUTION]: The skill uses shell commands through
execSyncin its internal maintenance scripts to perform git operations and file searching. - Evidence:
scripts/normalize-reports.tsusesgrepfor cross-reference updates andgit rev-parseto identify the repository root.
Audit Metadata