unblocked-context-research

Pass

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: Indirect Prompt Injection surface. The skill retrieves content from external sources (Slack, GitHub, Jira) that may contain malicious instructions designed to subvert agent behavior.
  • Ingestion points: Untrusted data is ingested through the context_research tool and related search tools described in SKILL.md and the references/ directory.
  • Boundary markers: Absent. The instructions do not specify the use of delimiters or 'ignore' warnings for the data retrieved from external systems.
  • Capability inventory: The agent is instructed to execute the unblocked CLI and has broader tool access as specified in SKILL.md.
  • Sanitization: Absent. No sanitization or validation logic is defined for the external content before it enters the agent's context.
  • Remediation: Mitigate by wrapping external results in clear delimiters (e.g., XML tags) and providing explicit instructions to the agent to treat the retrieved content only as reference data.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 29, 2026, 04:58 PM