research
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill makes network requests to
api.inspiro.topto retrieve research data. - [COMMAND_EXECUTION]: The skill executes local system commands including
curlfor network operations andjqfor JSON processing and validation. - [DATA_EXFILTRATION]: User-provided research queries and the
INSPIRO_API_KEYare transmitted to the external domainapi.inspiro.top. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it retrieves and processes arbitrary web content.
- Ingestion points: The API response from
https://api.inspiro.top/researchis captured in theRESPONSEvariable inscripts/research.sh. - Boundary markers: No delimiters or safety instructions are added to the external content before it is returned to the agent's context.
- Capability inventory: The script has the ability to perform network requests (
curl) and write output to arbitrary filesystem paths if an output argument is provided. - Sanitization: The script validates that the response is valid JSON but does not sanitize or filter the actual content of the research results for malicious instructions.
Audit Metadata