autoresearch
Pass
Audited by Gen Agent Trust Hub on Apr 23, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the shell command
opento automatically display the generated HTML dashboard in the default browser on macOS. - [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface by ingesting and processing content from external skill files and their generated outputs.
- Ingestion points: Target skill content and runtime output data (SKILL.md).
- Boundary markers: No specific delimiters are defined to separate ingested data from the agent's core optimization instructions.
- Capability inventory: The skill utilizes file system access (read/write), terminal command execution (
open), and autonomous recursive execution cycles (SKILL.md). - Sanitization: No sanitization or filtering is applied to external data processed during the optimization loop.
- [EXTERNAL_DOWNLOADS]: The generated dashboard includes a reference to the Chart.js library via a public CDN to facilitate browser-based performance visualization.
Audit Metadata