discover-research
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE]: No malicious patterns or security risks were identified in the skill instructions or metadata.
- [NO_CODE]: The skill contains no executable scripts, shell commands, or network operations. It functions exclusively as a markdown-based configuration and navigation guide.
- [PROMPT_INJECTION]: The skill defines a surface for indirect prompt injection by instructing the agent to ingest external files from the
<cc-polymath-root>/skills/research/directory. - Ingestion points: Multiple
Readinstructions targeting localized markdown files (e.g.,research-synthesis.md,quantitative-methods.md). - Boundary markers: None present in the loader file.
- Capability inventory: No subprocess calls, file-write operations, or network operations are present within this skill file.
- Sanitization: No evidence of sanitization or validation of the content of the target files within this skill.
Audit Metadata