Academic Dataset Selection and Analysis
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill instructs the agent to search for and ingest datasets from external internet sources (URLs). It lacks boundary markers or instructions to treat the data as untrusted, creating an attack surface for indirect prompt injection if a dataset contains malicious instructions.\n
- Ingestion points: External datasets fetched via URL based on user-provided criteria (SKILL.md).\n
- Boundary markers: Absent; there are no delimiters or warnings to ignore instructions within the fetched data.\n
- Capability inventory: The skill focuses on generating a structured report; no dangerous capabilities like file writing or subprocess execution are present in the skill code itself.\n
- Sanitization: Absent; the skill does not specify any validation or filtering of the dataset content.
Audit Metadata