content-research-writer
Pass
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: SAFE
Full Analysis
- [DATA_EXPOSURE_&_EXFILTRATION]: No evidence of credential harvesting or sensitive data exfiltration was found. The skill suggests organizing work within a dedicated
~/writing/directory, which is standard for document management. - [INDIRECT_PROMPT_INJECTION]: The skill processes external research data and user drafts, which is an inherent attack surface for indirect prompt injection. However, the instructions focus on analytical feedback and citation management rather than executing instructions found within that data. As per standard assessment, this surface is noted but does not escalate the risk level.
- [COMMAND_EXECUTION]: The skill provides instructions for the user to create directories (
mkdir) and files (touch) manually. It does not contain instructions for the agent to execute arbitrary shell commands or acquire elevated privileges. - [REMOTE_CODE_EXECUTION]: No remote script downloads (e.g., curl/wget piped to bash) or dynamic code execution patterns (e.g., eval/exec) were detected.
- [OBFUSCATION]: The content is clear and uses standard Markdown formatting. No hidden characters, Base64 strings, or encoded URLs were found.
Audit Metadata