academic-research-skills-codex
Pass
Audited by Gen Agent Trust Hub on May 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill's installation and update instructions direct users to download and execute code from a third-party GitHub repository (
Imbad0202/academic-research-skills-codex) using a Python installer script. - [PROMPT_INJECTION]: The skill is designed to ingest and process untrusted external data such as research manuscripts, notes, and reviewer comments. This creates a surface for indirect prompt injection where instructions hidden in these materials could attempt to influence the agent's behavior.
- Ingestion points: User-provided manuscripts (PDF/MD), research notes (MD), data summaries (CSV), and reviewer feedback files (TXT).
- Boundary markers: No explicit delimiters or boundary markers for external content are defined in the instructions to isolate processed text from agent commands.
- Capability inventory: The skill possesses capabilities for file reading, text generation, citation formatting, and optional cross-model review via the Anthropic API.
- Sanitization: The documentation does not specify any sanitization or validation of the input materials before they are processed by the workflows.
Audit Metadata