Skills
skills/opensensenova/sensenova-skills/sn-research-synthesis/Gen Agent Trust Hub

sn-research-synthesis

Pass

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill's architecture creates a surface for indirect prompt injection by ingesting and processing untrusted data from multiple external sources.\n
  • Ingestion points: The skill reads project-specific files including {report_dir}/request.md, {report_dir}/plan.json, and all markdown files within {report_dir}/sub_reports/.\n
  • Boundary markers: There are no instructions defining the use of delimiters, XML tags, or triple quotes to isolate the external content from the skill's own instructions.\n
  • Capability inventory: The skill utilizes file-system read capabilities for research data and file-write capabilities to generate the {report_dir}/synthesis.md output.\n
  • Sanitization: The instructions do not prescribe any validation, escaping, or filtering of the content retrieved from the sub-reports before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 29, 2026, 09:37 AM