research
Pass
Audited by Gen Agent Trust Hub on May 5, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill provides explicit instructions to sub-agents to treat external web content as untrusted data. It implements a dedicated guardrail section that lists common injection patterns to identify and ignore. The static analysis flag for instruction override is a false positive triggered by these defensive guidelines.
- [COMMAND_EXECUTION]: The skill appropriately uses local CLI tools and bash scripts (such as `search-learnings.sh` and `recall.py`) to search through local codebase and documentation. These commands are used for their intended purpose of information gathering.
- [REMOTE_CODE_EXECUTION]: Remote data is retrieved using specialized scraping tools like `scrapling` with security flags (e.g., `--ai-targeted`) and markdown converters (e.g., `markdown.new`). These methods are used to safely ingest content while minimizing exposure to malicious web-based payloads.
- [DATA_EXFILTRATION]: Network activity is confined to web searching and page fetching based on user-initiated research queries. Data collected from the web is stored in temporary local files for synthesis, with no evidence of unauthorized data transfer to external servers.
Audit Metadata