Skills
skills/aws-samples/sample-strands-agent-with-agentcore/research-agent/Gen Agent Trust Hub

research-agent

Pass

Audited by Gen Agent Trust Hub on May 12, 2026

Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
  • [SAFE]: The skill provides high-level instructions for organizing research tasks. It does not include executable scripts, shell commands, or network exfiltration logic.
  • [PROMPT_INJECTION]: The skill involves processing untrusted data from the web to synthesize reports, which is a surface for indirect prompt injection. Ingestion points: Multi-source web content via the research_agent tool (SKILL.md). Boundary markers: None explicitly defined to separate instructions from web data. Capability inventory: The agent can create markdown artifacts and embedded charts. Sanitization: No explicit sanitization or escaping instructions are provided for handling external web content.
  • [NO_CODE]: This skill consists entirely of instructional markdown and does not bundle any Python scripts, JavaScript files, or binary executables.
Audit Metadata
Risk Level
SAFE
Analyzed
May 12, 2026, 02:40 AM