research-lookup
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFE
Findings: PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes research data from external sources via OpenRouter, presenting an indirect prompt injection surface.
  1. Ingestion points: External research content from the OpenRouter API (SKILL.md).
  2. Boundary markers: Not specified in the provided instructions.
  3. Capability inventory: Bash (scripts/generate_schematic.py, research_lookup.py), Write, and Edit (SKILL.md).
  4. Sanitization: No specific instructions provided to the agent for sanitizing or escaping the retrieved research content.
- [COMMAND_EXECUTION]: The skill instructions provide the agent with command-line patterns for executing local Python scripts (scripts/generate_schematic.py and research_lookup.py) using the allowed Bash tool. This behavior is required for core functionality but involves the execution of shell commands based on user-provided natural language strings.
Audit Metadata