concept-development
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): No malicious activity detected. The skill is purely instructional and leverages predefined Model Context Protocol (MCP) tools for research workflows.
- [DATA_EXPOSURE] (SAFE): The skill reads and writes local research drafts (concept.md). It uses the PubMed API for literature searches, which is a trusted external source. No sensitive system file access or data exfiltration to untrusted domains was found.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill processes user-provided drafts (read_draft). While this constitutes an ingestion surface for untrusted data, the agent's capabilities are restricted to research validation and text generation. It includes logic for 'Protected Content' markers to ensure research integrity, which acts as a functional boundary.
Audit Metadata