research
Pass
Audited by Gen Agent Trust Hub on May 11, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: Spawns various search and extraction tools (brave-search, firecrawl, valyu) and local helper scripts to automate the research workflow.
- [EXTERNAL_DOWNLOADS]: Fetches data from multiple web, news, and academic sources via established API endpoints (OpenAI, xAI, Perplexity, arXiv, GitHub).
- [PROMPT_INJECTION] (Indirect): Processes large amounts of untrusted content from the web and social media. The skill mitigates risks associated with this ingestion surface by using structured synthesis templates and evidence-based reporting.
- [CREDENTIALS_UNSAFE] (Guidance): Provides clear instructions for users to manage API keys securely in local
.envand configuration files (e.g.,~/.env.local).
Audit Metadata