research
Pass
Audited by Gen Agent Trust Hub on Jun 18, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or data exfiltration attempts were detected. The skill's behavior matches its stated purpose of documentation research.
- [INDIRECT_PROMPT_INJECTION]: The skill ingests data from external websites via
WebFetchandWebSearch, which is a common surface for indirect prompt injection. The skill lacks explicit boundary markers or instructions to ignore embedded commands in the fetched content, though this is a standard risk for web-based research tools. - [DATA_EXPOSURE_AND_EXFILTRATION]: The skill utilizes
Memory MCPto store findings. There are no patterns suggesting the exfiltration of sensitive local data or hardcoded credentials.
Audit Metadata