ZeeLin Academic Paper

Pass

Audited by Gen Agent Trust Hub on Jun 3, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection by processing external data.
    • Ingestion points: User-provided references and research background are ingested as primary data sources for paper generation (SKILL.md).
    • Boundary markers: The prompt templates in references/prompts_zh.md use placeholders like {参考文献} without explicit instructions to the agent to treat this content as untrusted data or to ignore any embedded commands.
    • Capability inventory: The skill utilizes the file-system capability to read local template files. No network operations or subprocess executions were detected in the provided skill content.
    • Sanitization: No sanitization or filtering logic is implemented for the incoming user text, allowing for potential manipulation of the agent's behavior if the input contains instructional overrides.
Audit Metadata
Risk Level: SAFE
Analyzed: Jun 3, 2026, 02:38 AM