research

Pass

Audited by Gen Agent Trust Hub on Jun 22, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill utilizes the gemini-cli tool which is an official tool provided by Google, a trusted and well-known technology organization.
  • [COMMAND_EXECUTION]: The skill uses the sessions_spawn tool to run background tasks. It constructs a shell command (gemini --yolo) using string interpolation from the research topic. While this creates a dynamic execution path, it is the primary intended function of the skill and targets a trusted CLI tool.
  • [DATA_EXPOSURE]: Research output is localized to the ~/clawd/research/ directory, following standard practices for data isolation and preventing exposure of sensitive system areas.
  • [INDIRECT_PROMPT_INJECTION]: The sub-agent ingests and processes data returned from an external AI (Gemini). While there are no explicit boundary markers or sanitization logic for the research output before it is written to disk, the risk is inherent to the research use-case and is considered a standard operational characteristic.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 22, 2026, 02:55 PM
Security Audit — agent-trust-hub — research