user-research

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Full Analysis
  • Category 1: Prompt Injection (SAFE): No instructions attempting to bypass safety filters or override agent behavior were found.
  • Category 2: Data Exposure & Exfiltration (SAFE): No hardcoded credentials, access to sensitive file paths, or unauthorized network operations are present.
  • Category 3: Obfuscation (SAFE): No encoded strings, zero-width characters, or homoglyphs were detected.
  • Category 4: Unverifiable Dependencies & Remote Code Execution (SAFE): The skill includes a validation script that uses only standard libraries. It does not download or execute remote code. It uses yaml.safe_load(), which is a security best practice.
  • Category 5: Privilege Escalation (SAFE): No usage of sudo, chmod, or system-level configuration changes.
  • Category 6: Persistence Mechanisms (SAFE): No attempts to modify startup scripts, cron jobs, or registry keys.
  • Category 8: Indirect Prompt Injection (LOW): While the skill is designed to process external research data, it lacks specific boundary markers or sanitization for ingested content. However, since the skill's capabilities are limited to synthesis and documentation, the risk is minimal.
  • Category 10: Dynamic Execution (SAFE): No runtime compilation, unsafe deserialization, or self-modifying code found.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 17, 2026, 06:20 PM