Lead Research Assistant
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, such as obfuscation, privilege escalation, or persistence mechanisms, were found in the skill body or metadata.
- [PROMPT_INJECTION]: The skill processes external data via the 'xlsx_to_json' tool, which presents a surface for indirect prompt injection. This is inherent to its research function.
  - Ingestion points: External data sources and files processed via 'xlsx_to_json'.
  - Boundary markers: No specific delimiters or instructions to ignore embedded content are present.
  - Capability inventory: The skill can write files ('create_docx') and read files ('xlsx_to_json').
  - Sanitization: No sanitization or validation steps are defined in the skill configuration.
- [DATA_EXFILTRATION]: No hardcoded credentials, sensitive file access, or suspicious network activity were identified.
- [COMMAND_EXECUTION]: The skill utilizes specified MCP tools for its primary functionality and does not show any evidence of arbitrary command execution or shell access.
Audit Metadata