research-assistant
Pass
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: SAFE, NO_CODE
Full Analysis
- [SAFE]: The skill consists entirely of instructional markdown files and configuration metadata. No executable scripts (.py, .js, .sh) or remote code execution patterns were identified. All URLs provided in the documentation refer to the official repository and website of the author, 'The Agent Ledger'.
- [INDIRECT_PROMPT_INJECTION]: The skill provides instructions for ingesting and processing untrusted data from the web, which creates a potential attack surface.
- Ingestion points: External content is ingested during Phase 2 ('Search & Collect') as described in SKILL.md.
- Boundary markers: There are no explicit instructions for the agent to use XML-style tags or other delimiters to segregate ingested content from system instructions when storing briefs.
- Capability inventory: The workflow relies on the agent's external capabilities for web search and local file writing (specifically within the research/ directory).
- Sanitization: The protocol includes an evaluation step (Phase 3) to assess source authority and bias, which acts as a manual oversight mechanism rather than technical sanitization.
Audit Metadata