research-cache

Pass

Audited by Gen Agent Trust Hub on May 5, 2026

Risk Level: SAFE [COMMAND_EXECUTION] [PROMPT_INJECTION]
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a local utility script toolkit/claude-code-4.5/utils/repo-analysis-cache.sh via bash to perform management tasks such as statistics reporting, listing entries, and purging expired data.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests analysis results originally derived from untrusted external repositories.
      • Ingestion points: The skill reads analysis.md files from subdirectories within {{HOME_TOOL_DIR}}/research-cache/.
      • Boundary markers: There are no explicit delimiters or instructions provided to the agent to treat the cached analysis content as untrusted data or to ignore embedded instructions.
      • Capability inventory: The agent has the capability to execute shell commands (via the utility script) and read file contents into its context.
      • Sanitization: No sanitization or validation of the cached markdown files is described before they are re-introduced into the agent's context.
Audit Metadata
Risk Level: SAFE
Analyzed: May 5, 2026, 09:05 AM