research
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill uses
WebFetchandtavily_extract_processto retrieve documentation from well-known sources such asnpmjs.org,unpkg.com, andgithub.com. It retrieves content from the community toolnpmx.devfor type documentation, which is used for data retrieval only. - [SAFE]: Bash commands for
git cloneandgh apiare correctly scoped to/tmp/directories and focused on information retrieval and cleanup, adhering to best practices for agent-based research tasks. - [SAFE]: The skill implements advanced verification patterns, including Chain-of-Verification (CoVe) and atomic fact decomposition, which effectively manage the risks associated with processing external untrusted data (Indirect Prompt Injection surface).
- [SAFE]: No obfuscation, data exfiltration, persistence mechanisms, or unauthorized privilege escalation attempts were detected in the instructions or reference files.
Audit Metadata