citation-coverage-audit

Pass

Audited by Gen Agent Trust Hub on May 4, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill has an inherent indirect prompt injection surface due to its core functionality.
    • Ingestion points: The agent reads user-provided draft papers (LaTeX, PDF, Markdown) in Step 2 and fetches external web content from academic repositories (arXiv, OpenReview, Semantic Scholar) in Step 4.
    • Boundary markers: The instructions do not define explicit delimiters or warnings to ignore instructions embedded within the draft papers or fetched web pages.
    • Capability inventory: The skill is authorized to use Bash, Write, Edit, WebSearch, and WebFetch. This combination allows the agent to modify local project files (Step 8 and Step 9) based on data retrieved from external, potentially untrusted sources.
    • Sanitization: No sanitization or validation logic is present to filter out or escape potentially malicious instructions found in the ingested text before it is processed by the agent's logic.
Audit Metadata
Risk Level: SAFE
Analyzed: May 4, 2026, 08:01 PM