research-discover
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security vulnerabilities were identified in the skill files.
- [PROMPT_INJECTION]: The instructions reinforce agent constraints to ensure truthfulness and prevent the creation of unverified literature, supporting overall safety guidelines.
- [DATA_EXPOSURE_AND_EXFILTRATION]: The skill operates within designated local directories for research output and does not attempt to access sensitive system files or credentials.
- [INDIRECT_PROMPT_INJECTION]: Analysis of the attack surface:
  - Ingestion points: Web search results and user-provided research materials.
  - Boundary markers: Explicit logical constraints ('Truthfulness & Verification Contract') are present to prevent fabrication, though no technical delimiters for input content are specified.
  - Capability inventory: File creation/updates in the 'research/' directory and user interaction via 'AskUserQuestion'.
  - Sanitization: Verification rules require mapping citations to verified sources or marking them as UNVERIFIED.
Audit Metadata