component-research
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches template definitions from GitLab's raw file service (gitlab.com). This is a well-known service and necessary for the skill's research function.
- Evidence: Found in references/decision-process.md Phase 0.2.
- Context: The skill constructs URLs to the official TBC repository to analyze the underlying logic of CI/CD templates.
- [PROMPT_INJECTION]: The skill is subject to indirect prompt injection (Category 8) when processing external YAML files and search results.
- Ingestion points: Remote file downloads and web search results in references/decision-process.md (Phases 0.2 and 0.4).
- Boundary markers: The skill does not implement specific boundary delimiters for parsed external content.
- Capability inventory: Capabilities include web searching, fetching remote files, and cross-skill invocation (identify-core-need, building-with-tbc).
- Sanitization: No sanitization is mentioned, but the mandatory AskUserQuestion tool provides a human-in-the-loop safety mechanism that mitigates the risk of automated instruction following.
Audit Metadata