research
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFE | EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION, REMOTE_CODE_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The installation instructions include fetching the uv installer from astral.sh, which is the official site for a well-known and reputable developer tool.
- [REMOTE_CODE_EXECUTION]: The setup process uses a piped shell execution for the uv installation script from a trusted source (astral.sh). Additionally, the PDF export tool dynamically executes a Python script using uvx to handle document processing.
- [COMMAND_EXECUTION]: The skill manages research files, shell environment variables, and document conversion using various system commands and CLI wrappers. These operations are essential for the primary functionality of the skill.
- [PROMPT_INJECTION]: The skill ingests external research data and API responses, creating a surface for potential indirect prompt injection.
  - Ingestion points: Content retrieved from the Parallel AI API and web sources is stored in research.md for processing by the agent.
  - Boundary markers: The agent is instructed to update specific sections, but no explicit security delimiters are used for external content.
  - Capability inventory: The skill can execute local commands, write files, and perform network requests.
  - Sanitization: The CLI wrapper uses jq to ensure that user-provided research topics are safely escaped for API consumption.
Audit Metadata