skills/mxyhi/ok-skills/autoresearch/Gen Agent Trust Hub

autoresearch

Pass

Audited by Gen Agent Trust Hub on May 7, 2026

Risk Level: SAFE (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS)
Full Analysis
  • [COMMAND_EXECUTION]: The skill's primary function involves executing shell commands provided by the user or generated by the agent for verification and guarding iterations. The system implements a mandatory 'Verify-command safety screen' that checks for dangerous patterns such as 'rm -rf /', fork bombs, and 'curl | sh' before execution.
  • [EXTERNAL_DOWNLOADS]: The skill provides a template for a GitHub Actions workflow that clones the tool's source code from 'github.com/uditgoenka/autoresearch.git'. This is a standard deployment pattern for such tools and targets a well-known service.
  • [DATA_EXFILTRATION]: The skill includes a 'Post-Completion Support' feature that offers to star the author's GitHub repository via 'gh api'. This action requires explicit user consent and targets the official GitHub API, a well-known service.
  • [PROMPT_INJECTION]: A static analysis hit for instruction override was identified as a false positive. The code in 'references/predict-workflow.md' actually contains a defense mechanism that scans for and ignores common prompt injection strings (e.g., 'ignore previous instructions') within the files it analyzes.
  • [SAFE]: The skill enforces 'Credential Hygiene' by mandating the masking of secrets in findings and logs, even when the secret itself is the focus of a security audit finding.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 7, 2026, 04:33 AM