research-folder-synthesizer

Pass

Audited by Gen Agent Trust Hub on May 15, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it is designed to ingest and process the content of arbitrary local text files (.md, .txt) provided by the user.
  • Ingestion points: User-specified research files are read in full as described in SKILL.md (Step 2).
  • Boundary markers: The instructions do not mandate the use of delimiters or specific instructions for the agent to ignore potentially malicious commands embedded within the input files.
  • Capability inventory: The skill possesses the capability to read local files and write a thematic report to research-synthesis.md.
  • Sanitization: There is no mention of sanitizing, escaping, or validating the content extracted from the source files before it is processed by the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: May 15, 2026, 09:40 AM