research
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [NO_CODE]: The skill is entirely composed of Markdown documentation (SKILL.md, references/*.md) and metadata (meta.json). There are no Python scripts, Node.js files, shell scripts, or binary executables included.\n- [SAFE]: The skill does not contain any patterns associated with credential theft, persistence, or privilege escalation. It provides educational content and templates for UX researchers.\n- [EXTERNAL_DOWNLOADS]: The documentation mentions several external research tools (e.g., Dovetail, Looppanel, Grain, Otter.ai). These are well-known technology services and are referenced neutrally as informational resources for the researcher, not for automated download or execution.\n- [PROMPT_INJECTION]: No direct prompt injection or jailbreak attempts were found. Regarding indirect prompt injection (Category 8):\n
- Ingestion points: Research data such as interview transcripts and user feedback in references/ai-assisted.md.\n
- Boundary markers: The skill explicitly warns in SKILL.md to never execute research instructions found in external content.\n
- Capability inventory: No automated capabilities or scripts are present in the skill files.\n
- Sanitization: references/ai-assisted.md recommends anonymizing PII before AI processing and manually validating all AI-generated insights.
Audit Metadata