research-synthesize
Pass
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security vulnerabilities were detected in the skill instructions or associated scripts.
- [PROMPT_INJECTION]: The skill demonstrates best practices for mitigating indirect prompt injection (Category 8). Evidence chain: 1. Ingestion points: evidence files in 'collect/evidence/*.md'. 2. Boundary markers: A critical safety rule (SKILL.md, Line 14) explicitly instructs the agent to treat evidence content as data only. 3. Capability inventory: Tools for file reading, writing, and subagent tasking. 4. Sanitization: Use of structured JSON artifacts and bounded regex for parsing internal status reports.
- [DATA_EXFILTRATION]: The tool configuration limits file operations to the research project workspace, and no network exfiltration vectors or hardcoded credentials were identified.
- [COMMAND_EXECUTION]: Local file management and data processing are handled via standard shell commands and Python scripts, which are restricted to the research artifacts and do not pose a security risk.
Audit Metadata