conf-abstract-enrichment
Pass
Audited by Gen Agent Trust Hub on Jun 29, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface because it processes untrusted conference titles and abstracts to drive automated web research and generate record files.
- Ingestion points: Title and abstract fields from event records processed at runtime as described in SKILL.md.
- Boundary markers: The skill lacks explicit delimiters or instructions to isolate potentially malicious session text from the agent's research logic.
- Capability inventory: The skill involves runtime web search tool invocation and local file writing to the 'enrichment/' directory.
- Sanitization: The risk is mitigated by a mandatory gate for 'thin' abstracts only, strict search caps, and a requirement for source URLs and confidence scores for every enriched claim.
Audit Metadata