research-wiki

Pass

Audited by Gen Agent Trust Hub on Apr 10, 2026

Risk Level: SAFE
Flags: EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The ingest subcommand fetches research paper metadata from well-known services including arXiv, DBLP, and Semantic Scholar to populate the wiki.
  • [PROMPT_INJECTION]: Ingesting external metadata from research databases creates a surface for indirect prompt injection. Malicious instructions embedded in paper titles or abstracts could influence the agent while it processes them.
    • Ingestion points: external metadata fetched via WebFetch and stored in markdown files within the research-wiki/papers/ directory.
    • Boundary markers: the skill instructions do not specify delimiters or 'ignore instructions' warnings for the ingested content.
    • Capability inventory: the skill is permitted to use Bash(*), Write, Edit, and mcp__codex__codex.
    • Sanitization: no explicit validation or sanitization of external metadata is described before it is written to the file system or used in prompts.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 10, 2026, 02:15 AM