research-pipeline-runner
Pass
Audited by Gen Agent Trust Hub on Apr 15, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill invokes local automation via python scripts/pipeline.py to initialize pipelines, resume runs, and record approvals within the local environment.
- [EXTERNAL_DOWNLOADS]: Network operations are performed to fetch research-related data (papers, citations, and metadata) from external sources such as arXiv based on user research goals.
- [PROMPT_INJECTION]: The skill ingests untrusted data from external research sources, creating a surface for indirect prompt injection.
  - Ingestion points: External research papers, abstracts, and metadata retrieved via network tools, as well as user-provided goals in SKILL.md.
  - Boundary markers: The skill utilizes 'HUMAN checkpoints' (e.g., C2 for outline approval) and a 'DECISIONS.md' log to gate execution and prevent automated generation of large prose blocks without explicit sign-off.
  - Capability inventory: The skill executes local scripts (scripts/pipeline.py) and performs file system writes constrained to the workspaces/ directory.
  - Sanitization: No specific sanitization or filtering logic for the content of retrieved research papers is described in the skill's operational instructions.
Audit Metadata