think-research-framework
Pass
Audited by Gen Agent Trust Hub on Jun 19, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill follows a legitimate administrative pattern for the 'product-on-purpose' repository. Its primary function is to research candidate thinking methods and validate them against a schema using a local script (
scripts/check-proposed-entry.mjs). - [COMMAND_EXECUTION]: The skill mentions executing a specific validation script (
scripts/check-proposed-entry.mjs). This is a legitimate development workflow for validating proposed registry entries against a known schema and does not involve arbitrary command execution. - [DATA_EXPOSURE]: The skill defines staging paths for writing dossiers (
frameworks/_proposed/<slug>/dossier.md) and evidence records. These operations are restricted to the repository's internal directory structure and do not involve accessing sensitive system files or environment variables. - [EXTERNAL_DOWNLOADS]: While the skill description mentions running 'web research' via a subagent, this is a functional requirement for its stated purpose. There are no hardcoded URLs or automated downloads of executable content from untrusted sources.
- [PROMPT_INJECTION]: No override markers, role-play instructions, or system prompt extraction attempts were found. The instructions focus on structured evaluation (evidence grading, overlap assessment) and dispatching tasks to a subagent.
Audit Metadata