gourmet-research
Pass
Audited by Gen Agent Trust Hub on May 2, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or unauthorized access attempts were detected. The skill is designed for legitimate research purposes and emphasizes structured data capture.
- [EXTERNAL_DOWNLOADS]: The skill fetches data from well-known gourmet services and review platforms (e.g., Google Maps, Tabelog, Yelp, TripAdvisor). These references are documented and are central to the skill's research function.
- [COMMAND_EXECUTION]: The skill utilizes Playwright to interact with web pages, specifically to handle language modals or extract content from gourmet websites. This is an expected and appropriate use of browser automation tools for this use case.
- [PROMPT_INJECTION]: The skill manages an indirect prompt injection surface as part of its primary research activity:
- Ingestion points: External gourmet review sites and aggregator platforms (SKILL.md).
- Boundary markers: Absent; instructions do not explicitly mandate delimiters for ingested content.
- Capability inventory: File system writes to the
gourmet/directory across all template files. - Sanitization: Absent; content is summarized and moved through a multi-stage workflow from
inbox.mdtonotes.mdandtop-places.md. - Context: This surface is intrinsic to the skill's purpose, and the instructions focus the agent on data normalization and scoring rather than executing untrusted instructions.
Audit Metadata