research-manager

Pass

Audited by Gen Agent Trust Hub on Jun 30, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill operates as a project management tool, recording research history and logic into a dedicated 'ara/' directory. All file operations are constrained to this project scope.
  • [DATA_EXPOSURE]: No evidence of sensitive data access or exfiltration. The skill uses standard tools (Read, Write, Edit, Glob, Grep) to maintain its own internal state and does not interact with external network resources or system-level credentials.
  • [PROMPT_INJECTION]: The instructions establish a rigorous workflow for end-of-turn summarization. There are no attempts to override system prompts, bypass safety filters, or implement 'jailbreak' patterns.
  • [INDIRECT_PROMPT_INJECTION]: The skill ingests untrusted data from the conversation history to update its records. It mitigates potential injection risks by using structured YAML and Markdown schemas, and by applying a 'distillation' step that converts conversational prose into quantitative or telegraphic language before writing.
  • [COMMAND_EXECUTION]: The skill's activities are limited to file system management. It does not attempt to execute arbitrary shell commands, download remote scripts, or modify system configuration files.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 30, 2026, 12:08 AM
Security Audit — agent-trust-hub — research-manager