research
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill does not contain instructions to bypass safety filters or override agent behavior.
- [DATA_EXFILTRATION]: Accessing local files like 'profile.yaml' and the '/materials' folder is consistent with the skill's primary purpose. No suspicious network destinations or exfiltration patterns were identified.
- [INDIRECT_PROMPT_INJECTION]: The skill represents a surface for indirect prompt injection by processing untrusted data from external sources. (Ingestion points: GitHub READMEs and web search results mentioned in SKILL.md. Boundary markers: Absent. Capability inventory: Local file reading and network requests for research. Sanitization: Absent.)
Audit Metadata