c3
Pass
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is focused on research methodology and uses project-specific files for configuration and state management. It does not exhibit any patterns related to exfiltration, malicious command execution, or obfuscation.
- [PROMPT_INJECTION]: The skill defines a surface for indirect prompt injection as it processes user-provided research questions and study context to generate advice. This is an expected architectural characteristic for a consultant-style skill.
- Ingestion points: User research questions and project constraints.
- Boundary markers: No delimiters or boundary markers are used for user input.
- Capability inventory: The skill instructions include reading project files such as
config/diverga-config.jsonand.research/decision-log.yamlto verify prerequisites. - Sanitization: The skill does not perform sanitization on user-supplied input.
Audit Metadata