web-research
Pass
Audited by Gen Agent Trust Hub on Jul 15, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted data from external websites, creating an indirect prompt injection surface.
- Ingestion points: The skill fetches content from arbitrary URLs provided by the user or found via search using the WebFetch tool (references/guide.md).
- Boundary markers: The content processing pipeline includes HTML stripping and cleaning but lacks explicit delimiters to isolate remote content from agent instructions during extraction stages.
- Capability inventory: The skill has access to Bash for CLI operations, Write for filesystem modifications in .memoire/, and WebFetch/WebSearch for network access.
- Sanitization: Content is passed through a multi-stage pipeline that removes scripts, navigation, and boilerplate, and filters blocks by word count.
- [COMMAND_EXECUTION]: The skill integrates with the memi CLI tool by executing shell commands via the Bash MCP tool (references/guide.md) for research pipeline management.
- [EXTERNAL_DOWNLOADS]: The skill fetches research content from external URLs and references the author's official repository at github.com/sarveshsea/memi (note.json).
Audit Metadata