research
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill utilizes several external tools and services to retrieve information, including OpenAlex for academic citations, Paper-search for Arxiv preprints, and Tavily for general web searching.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its core function of processing untrusted external data.
- Ingestion points: The skill ingests data from external PDFs using
read_pdfand web content usingwebfetchandTavilysearch results. - Boundary markers: The instructions do not define clear delimiters or specific instructions for the agent to ignore embedded commands within the retrieved research materials.
- Capability inventory: The skill has the capability to write files to the
.ada/data/research/directory and perform network requests to well-known research databases. It does not show evidence of arbitrary command execution or unauthorized data exfiltration. - Sanitization: No sanitization or validation mechanisms are described for the content extracted from external sources before it is incorporated into the agent's context.
Audit Metadata