research-assistant
Pass
Audited by Gen Agent Trust Hub on Mar 30, 2026
Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface. The skill is designed to ingest and synthesize information from external web sources, which may contain adversarial content designed to influence agent behavior.
  - Ingestion points: The agent collects data from external web searches and remote URLs as part of the research protocol.
  - Boundary markers: The skill utilizes structured Markdown templates (Research Brief Format) to separate source data from analysis.
  - Capability inventory: The skill utilizes web search capabilities and file system read/write operations within the research directory.
  - Sanitization: The skill mitigates risks by implementing a 'Source Quality Scoring' system (Phase 3) that requires the agent to evaluate authority, recency, and bias before synthesis.
- [COMMAND_EXECUTION]: Structured File Management. The skill instructs the agent to maintain a local knowledge base through file system operations.
  - Evidence: Instructions guide the agent to create a 'research/' directory and manage '.md' files for briefs, monitoring, and indexing.
  - Scope: Operations are confined to the research directory and follow standard documentation practices. No unauthorized path traversal or sensitive file access was detected.