agent-researcher
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [Prompt Injection] (LOW): Vulnerability to Indirect Prompt Injection. The skill is designed to perform deep research by reading and analyzing external codebase content.
- Ingestion points: Data enters the agent context through file reading commands (grep, glob, read) and the mcp__claude-flow__github_repo_analyze tool.
- Boundary markers: Absent. The instructions do not specify the use of delimiters or warnings to ignore instructions embedded within the files being analyzed.
- Capability inventory: The agent has the ability to execute shell search commands, store/retrieve data from memory, and analyze repository structures.
- Sanitization: Absent. There is no evidence of filtering or escaping logic for content retrieved from external sources before it is processed by the agent.