autoresearch-loop
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFE COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses a set of standard shell utilities including `cat`, `test`, `wc`, `diff`, and `grep` to facilitate the measurement and verification phases of the research loop. These commands are used to establish baselines, track changes, and verify that the agent is correctly logging its progress in the `.agent/evals/` directory.
- [PROMPT_INJECTION]: This skill operates on other instructions (`SKILL.md` files), which creates a surface for indirect prompt injection if the processed content contains adversarial commands. However, the skill includes explicit anti-patterns to mitigate these risks, such as requiring rubric-anchored scoring and documentation of weaknesses.
  - Ingestion points: The skill reads from `SKILL.md` files in the workspace and evaluation files within the `.agent/evals/` directory.
  - Boundary markers: No explicit delimiter-based boundary markers are defined in the instructions for isolating external instruction data.
  - Capability inventory: The skill has the capability to read/write files and execute shell commands (`cat`, `test`, `wc`, `diff`, `grep`) as part of its verification logic in `SKILL.md`.
  - Sanitization: There are no explicit sanitization routines; the skill relies on the agent's internal reasoning and the provided anti-patterns to maintain evaluation integrity.
Audit Metadata