hypothesis-generation
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): No patterns detected that attempt to override system instructions or safety constraints.
- Data Exposure & Exfiltration (SAFE): No hardcoded secrets or access to sensitive files. Network use is confined to research-based web retrieval.
- Unverifiable Dependencies & Remote Code Execution (SAFE): No package installations or remote script executions are performed.
- Indirect Prompt Injection (LOW): The skill processes untrusted data from web searches.
  1. Ingestion points: Step 2 (Literature Search) in SKILL.md uses WebFetch and WebSearch.
  2. Boundary markers: Absent.
  3. Capability inventory: No file writing, shell access, or dynamic code execution capabilities across ALL files.
  4. Sanitization: No specific sanitization or escaping of external content is defined.
  The risk is considered low as the skill only generates descriptive text and lacks high-privilege tools.
Audit Metadata