sciomc
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill defines a controlled environment for research orchestration. It maintains session states and findings within a local hidden directory ('.omc/') and implements a concurrency limit of 20 sub-agents and a 10-iteration cap for autonomous mode to prevent resource exhaustion.
- [INDIRECT_PROMPT_INJECTION]: The skill's design involves processing external research goals and project files, creating an inherent surface for indirect prompt injection:
- Ingestion points: Research goals are provided as input arguments, and content from files is ingested by the 'scientist' sub-agents invoked by the tool.
- Boundary markers: The protocol utilizes specific structural tags such as [FINDING], [EVIDENCE], and [PROMISE] to separate sub-agent analysis from control logic, though it lacks an explicit security-hardened delimiter for the initial research goal.
- Capability inventory: The skill is primarily focused on task orchestration via the 'Task' tool and local file management; it does not demonstrate capabilities for arbitrary shell execution or external network exfiltration.
- Sanitization: Data extraction is performed using strictly defined regex patterns for finding and evidence tags, which provides a layer of structural validation for incoming agent data.
Audit Metadata