academic-writer

Pass

Audited by Gen Agent Trust Hub on May 10, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses curl and python3 to execute searches and process structured data from academic databases. It includes instructions for running specific shell pipelines to filter and format research metadata.
  • [EXTERNAL_DOWNLOADS]: The skill performs network operations to fetch metadata from established academic services, including arxiv.org, semanticscholar.org, and dblp.org (documented in rules/literature-search.md).
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface through the processing of untrusted external data:
      • Ingestion points: Research paper abstracts and literature metadata are fetched directly from external APIs and integrated into the agent's context (e.g., in rules/literature-search.md).
      • Boundary markers: There are no explicit delimiters or instructions provided to the agent to treat fetched literature content as untrusted or to ignore instructions embedded within research abstracts.
      • Capability inventory: The skill has access to bash command execution (curl, python3) and file system operations as described in its core workflow.
      • Sanitization: The skill does not implement automated sanitization or filtering for the external text retrieved during the literature search process.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 10, 2026, 02:23 PM