Skills
skills/pluginagentmarketplace/custom-plugin-ux-design/user-research/Gen Agent Trust Hub

user-research

Pass

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: LOW
Full Analysis
  • [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials, sensitive file paths, or unauthorized network operations were found in the skill files.
  • [Dynamic Execution] (SAFE): The script scripts/validate.py correctly uses yaml.safe_load(), which mitigates the risk of unsafe deserialization attacks.
  • [Indirect Prompt Injection] (LOW): The skill defines an interface for ingesting external data (research objectives and criteria). However, the skill lacks high-privilege side-effect capabilities such as arbitrary command execution or file modification, ensuring that any potential injection is confined to the agent's internal reasoning.
  • [Obfuscation] (SAFE): All documentation and scripts are provided in cleartext. No Base64 encoding, zero-width characters, or homoglyphs were detected.
Audit Metadata
Risk Level
LOW
Analyzed
Feb 16, 2026, 08:25 AM