ln-812-optimization-researcher

Pass

Audited by Gen Agent Trust Hub on Apr 8, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill ingests and processes untrusted data from web search results to establish benchmarks and solution candidates, which creates an indirect prompt injection surface where malicious external content could influence the generated hypotheses.
      • Ingestion points: WebSearch results processed in Phase 1 (Competitive Analysis) and Phase 2 (Bottleneck-Specific Research) to define performance targets and solutions.
      • Boundary markers: The instructions do not specify the use of delimiters or 'ignore' warnings when interpolating external search data into the research context.
      • Capability inventory: The skill utilizes local file-read tools (Grep/Read) and writes JSON research artifacts to the .hex-skills/runtime-artifacts/ directory.
      • Sanitization: No explicit sanitization, validation, or escaping of the external web content is described before it is processed for the final report.
  • [EXTERNAL_DOWNLOADS]: The skill is configured to automatically fetch missing reference and instruction files from the author's public GitHub repository (levnikolaevich/claude-code-skills) via WebFetch if they are not present in the local environment.
  • [COMMAND_EXECUTION]: Executes local searches using grep to scan the codebase for specific infrastructure patterns like 'redis', 'connection pool', 'lru_cache', and 'async' methods during the Phase 3 capability check.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 8, 2026, 10:53 PM