web-research

Pass

Audited by Gen Agent Trust Hub on Jul 15, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted data from external websites, creating an indirect prompt injection surface.
  • Ingestion points: The skill fetches content from arbitrary URLs provided by the user or found via search using the WebFetch tool (references/guide.md).
  • Boundary markers: The content processing pipeline includes HTML stripping and cleaning but lacks explicit delimiters to isolate remote content from agent instructions during extraction stages.
  • Capability inventory: The skill has access to Bash for CLI operations, Write for filesystem modifications in .memoire/, and WebFetch/WebSearch for network access.
  • Sanitization: Content is passed through a multi-stage pipeline that removes scripts, navigation, and boilerplate, and filters blocks by word count.
  • [COMMAND_EXECUTION]: The skill integrates with the memi CLI tool by executing shell commands via the Bash MCP tool (references/guide.md) for research pipeline management.
  • [EXTERNAL_DOWNLOADS]: The skill fetches research content from external URLs and references the author's official repository at github.com/sarveshsea/memi (note.json).
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 15, 2026, 09:48 PM