autoresearch
Pass
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The instructions command the agent to 'NEVER STOP' and avoid pausing for user confirmation during the optimization loop, which maximizes autonomy and reduces human oversight.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it processes output from other skills to determine how to mutate its instructions without using safety boundaries. 1. Ingestion points: Target skill outputs and instructions. 2. Boundary markers: None specified. 3. Capability inventory: File system writes and shell command execution. 4. Sanitization: None provided.
- [COMMAND_EXECUTION]: The skill utilizes the 'open' command to launch a generated HTML file in the system's web browser.
- [EXTERNAL_DOWNLOADS]: The generated dashboard script references the Chart.js library from a public CDN for data visualization.
Audit Metadata