industrial-ai-research

Pass

Audited by Gen Agent Trust Hub on May 15, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted data from the web using WebSearch and WebFetch tools during the literature collection phase.
  • Ingestion points: External research papers and metadata enter the agent context through the Phase 3 search workflow.
  • Boundary markers: The skill uses explicit instructions to 'separate verified evidence from inference' and 'label preprints,' but lacks formal data delimiters to isolate external content from the main instruction flow.
  • Capability inventory: The skill has access to local file utilities (Read, Glob, Grep) and network tools (WebSearch, WebFetch).
  • Sanitization: Mitigation is present via a mandatory 'Verification and Triage' phase (Phase 4), a 'Contrarian Pass' in synthesis, and a 'Quality Gate' (Phase S4) that checks for placeholder leaks and consistent citation mapping before final delivery.
Audit Metadata
Risk Level
SAFE
Analyzed
May 15, 2026, 09:58 AM
Security Audit — agent-trust-hub — industrial-ai-research