prior-art-search

Pass

Audited by Gen Agent Trust Hub on Apr 19, 2026

Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it ingests untrusted technical data from external web sources.
      • Ingestion points: Data is retrieved from external websites via WebSearch and WebFetch, specifically from platforms like patents.google.com, espacenet.com, and academic repositories.
      • Boundary markers: The instructions do not specify the use of delimiters or 'ignore' instructions for the retrieved content, leaving the agent potentially vulnerable to commands embedded in the fetched text.
      • Capability inventory: The skill allows the agent to Write results to the file system and provides access to broad Bash tool permissions.
      • Sanitization: There is no evidence of filtering, escaping, or validating the external content before it is incorporated into the prompt.
  • [EXTERNAL_DOWNLOADS]: The skill fetches research data and citations from well-known services such as Google Patents, Espacenet, Google Scholar, and arXiv. These references target established repositories and are necessary for the skill's primary research function.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 19, 2026, 03:14 AM