citations

Pass

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: SAFE, NO_CODE, PROMPT_INJECTION
Full Analysis
  • [NO_CODE]: The skill is entirely prompt-based and does not contain any executable scripts, binary files, or package dependencies.
  • [SAFE]: No malicious patterns, such as hardcoded credentials, unauthorized network calls, or safety guideline bypasses, were detected in the skill instructions.
  • [PROMPT_INJECTION]: The skill processes untrusted external documents (research reports and sources), which represents a surface for indirect prompt injection. This is evaluated as safe because the skill has no dangerous operational capabilities (such as network access or command execution) that could be exploited via injection.
    1. Ingestion points: Research reports and source reference data provided to the agent.
    2. Boundary markers: No explicit delimiters are specified for the input data.
    3. Capability inventory: The skill is restricted to text transformation and lacks file system, network, or shell access.
    4. Sanitization: Instructions strictly mandate that the agent must not modify original content, which acts as a structural safety constraint.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 15, 2026, 01:16 PM