numerai-research
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (LOW): The skill provides instructions to run model training via shell commands (python3 -m agents.code.modeling). This is an expected capability for a research agent but represents a local execution surface.
- [PROMPT_INJECTION] (LOW): The skill contains an indirect prompt injection surface by processing user-provided 'ideas' into code and configurations.
  - Evidence Chain:
    1. Ingestion points: User-provided research ideas (e.g., 'try a new idea').
    2. Boundary markers: Absent.
    3. Capability inventory: Local Python execution, file-writing, and network upload via Numerai MCP.
    4. Sanitization: None mentioned in the skill instructions.
Audit Metadata