academic-research

Pass

Audited by Gen Agent Trust Hub on Jun 27, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The documentation provides instructions for users to install the full suite or routing component from external GitHub repositories (Imbad0202/academic-research-skills and akillness/jeo-skills). These are recognized as legitimate vendor and upstream resources for the skill's functionality.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it is designed to ingest and process untrusted data from academic papers and web searches. However, this risk is managed through an orchestration design that mandates human review at critical stages.
  • Ingestion points: Content from academic papers (text, PDF, or URLs) and data retrieved via the WebFetch tool.
  • Boundary markers: The instructions emphasize mandatory [USER CHECKPOINT] gates that require explicit confirmation before the agent proceeds to the next stage of the pipeline.
  • Capability inventory: The skill uses Bash, Read, Write, Edit, Glob, Grep, and WebFetch tools to perform its research and formatting tasks.
  • Sanitization: No explicit sanitization or escaping mechanisms for the ingested text are described in the instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 27, 2026, 04:58 AM
Security Audit — agent-trust-hub — academic-research