wiki-aggregate

Pass

Audited by Gen Agent Trust Hub on Apr 20, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill defines a structured protocol for research data aggregation using standard file-system tools (Read, Grep) to process local artifacts.
  • [SAFE]: High auditability through provenance requirements. The 'No provenance, no claim' rule (Phase 3) requires that every extracted finding be tied to a specific source file and line range, so a finding cannot reach the summary without a citation that can be checked against the file. This is a meaningful technical control against instructions hidden within source files: injected text cannot be silently adopted as an unattributed claim.
  • [PROMPT_INJECTION]: Analysis of Indirect Prompt Injection surface (Category 8):
    1. Ingestion points: content is read from local files resolved via a user-defined glob pattern; the glob is the trust boundary, so every file it matches is untrusted input.
    2. Boundary markers: explicit delimiters are not defined in the tool-call phase, but the protocol's scratchpad architecture keeps extracted data separate from the execution state.
    3. Capability inventory: the agent is limited to reading and searching files and writing summary files, so the written summaries are the only channel through which injected content can propagate.
    4. Sanitization: rather than a filtering step, the protocol treats ingested content as research data, not as instructions, and the requirement for multiple sources (N≥3) with cross-source verification limits what malicious content in any single source can achieve.
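The two rules called out above (every finding tied to a source path and line range, and at least three distinct sources behind a claim) can be checked mechanically before a claim is written to a summary file. The Python below is an added example written for this page, not code from the wiki-aggregate skill or from Gen Agent Trust Hub; the claim-record layout, the file contents, the glob pattern and the function names are all assumptions made for the illustration.

```python
"""Mechanical checks for the 'No provenance, no claim' and N>=3 rules.

Added illustration, not code from the wiki-aggregate skill or Gen Agent Trust
Hub. The claim record layout ({"claim", "sources": [{"path", "lines", "quote"}]}),
the file contents and the glob are all constructed for this example.
"""
import fnmatch

MIN_SOURCES = 3  # the N>=3 requirement described in the audit

# Constructed stand-in for the local artifacts the user's glob would resolve to.
FILES = {
    "notes/alpha.md": "# Alpha\nKeys are rotated every 90 days.\nSource: ops runbook.\n",
    "notes/beta.md": "# Beta\nThe team enforces a 90-day rotation for API keys.\n",
    "notes/gamma.md": "# Gamma\nRotation policy:\nAPI keys rotate every 90 days.\n",
    # One outlier file: a claim supported only by this source must not pass.
    "notes/delta.md": "# Delta\nAPI keys are never rotated.\n",
    # Outside the glob: must be rejected even though the quoted text is real.
    "scratch/notes.txt": "Keys are rotated every 90 days.\n",
}
ALLOWED_GLOB = "notes/*.md"


def resolve_glob(files, pattern):
    """Return the sorted list of paths the pattern matches (the trust boundary)."""
    return sorted(p for p in files if fnmatch.fnmatch(p, pattern))


def verify_source(files, allowed, src):
    """Check one citation against the file it points at.

    Returns None when the citation resolves, otherwise a short reason string.
    """
    path, lines, quote = src.get("path"), src.get("lines"), src.get("quote")
    if path not in allowed:
        return "path not matched by the glob"
    if not lines or not quote:
        return "missing line range or quote"
    start, end = lines
    text = files[path].splitlines()
    if not (1 <= start <= end <= len(text)):
        return "line range out of bounds"
    excerpt = "\n".join(text[start - 1:end])
    if quote not in excerpt:
        return "quote not found in cited lines"
    return None


def check_claim(files, pattern, claim):
    """Apply both rules to one claim.

    Returns (accepted, reasons). A claim is accepted only if every citation
    resolves and at least MIN_SOURCES distinct files back it.
    """
    allowed = set(resolve_glob(files, pattern))
    verified_paths, reasons = set(), []
    for src in claim.get("sources", []):
        reason = verify_source(files, allowed, src)
        if reason is None:
            verified_paths.add(src["path"])
        else:
            reasons.append(f"{src.get('path')}: {reason}")
    if len(verified_paths) < MIN_SOURCES:
        reasons.append(
            f"{len(verified_paths)} verified distinct source(s), need {MIN_SOURCES}"
        )
    return (not reasons, reasons)


# Constructed claims: one well-supported, one resting on a single source.
GOOD_CLAIM = {
    "claim": "API keys are rotated every 90 days",
    "sources": [
        {"path": "notes/alpha.md", "lines": (2, 2), "quote": "rotated every 90 days"},
        {"path": "notes/beta.md", "lines": (2, 2), "quote": "90-day rotation"},
        {"path": "notes/gamma.md", "lines": (2, 3), "quote": "every 90 days"},
    ],
}
SINGLE_SOURCE_CLAIM = {
    "claim": "API keys are never rotated",
    "sources": [
        {"path": "notes/delta.md", "lines": (2, 2), "quote": "never rotated"},
        # Citing the same file twice does not make a second source.
        {"path": "notes/delta.md", "lines": (2, 2), "quote": "never rotated"},
    ],
}

if __name__ == "__main__":
    for c in (GOOD_CLAIM, SINGLE_SOURCE_CLAIM):
        accepted, reasons = check_claim(FILES, ALLOWED_GLOB, c)
        print("ACCEPT" if accepted else "REJECT", c["claim"], reasons)
```

Run as a script it accepts the three-source claim and rejects the single-source one. A citation whose quote is not actually on the cited lines, whose line range runs past the end of the file, or whose path falls outside the glob is rejected before it can count toward N, so a file that plants text for the agent to repeat gains nothing unless the same finding is independently present in two other matched files.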
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 20, 2026, 01:55 PM