research

Pass

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill incorporates defensive strategies such as Chain-of-Verification (CoVe) and Atomic Fact Decomposition to ensure the agent does not act on unverified instructions. It is designed to process untrusted data from the web (Ingestion points: WebFetch, git clone). It utilizes the CoVe process as a logical boundary for external content. The agent has access to Bash and Task tools (Capability inventory). Sanitization relies on the agent's ability to verify and quote primary sources.
  • [EXTERNAL_DOWNLOADS]: The skill makes network requests to well-known search providers (Perplexity, Kagi, Exa, Tavily) and official GitHub APIs. These operations are consistent with the skill's primary research purpose and target trusted or well-known services.
  • [COMMAND_EXECUTION]: Restricted Bash access (gh:*) is used specifically for GitHub CLI operations to fetch repository content. The skill also defines a structured Repo Cloning Pattern in references/repo-cloning-pattern.md that uses temporary directories and ensures cleanup after research, minimizing potential system impact.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 28, 2026, 08:21 PM