tech-research

Pass

Audited by Gen Agent Trust Hub on Apr 16, 2026

Risk Level: SAFE
Finding categories: COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION

Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a custom bash script scripts/grok_setup.sh which uses dynamic Python commands to programmatically modify the agent's global configuration file (~/.claude.json). While it includes backup and rollback logic, this allows the skill to alter the execution environment of the agent.
  • [DATA_EXFILTRATION]: The scripts/grok_setup.sh script reads and parses ~/.claude.json. This file is a sensitive configuration path that may contain environment variables, API keys, or other credentials for configured MCP servers.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection as it ingests and synthesizes untrusted data from X/Twitter, GitHub READMEs, and general web searches.
      • Ingestion points: Untrusted data enters the agent context through the Grok, DeepWiki, and WebSearch subagents defined in references/subagent_templates.md.
      • Boundary markers: Absent. There are no explicit delimiters or instructions to ignore embedded commands within the synthesized research findings.
      • Capability inventory: The skill has the ability to execute shell commands (bash), manage subagents (Task), and automate browser sessions.
      • Sanitization: Absent. There is no evidence of validation or filtering for the external content before it is merged into the final report.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 16, 2026, 07:22 AM