research-data-analysis

Pass

Audited by Gen Agent Trust Hub on May 20, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill architecture creates a surface for indirect prompt injection as it is designed to ingest and act upon untrusted external data.
      • Ingestion points: The agent reads raw research datasets, data dictionaries, and source metadata (e.g., from arXiv, PubMed, or Zotero) stored in the sources/ and data/ directories as outlined in SKILL.md and references/repository-contract.md.
      • Boundary markers: The skill lacks explicit instructions for using delimiters or boundary markers to differentiate data from instructions within the external sources.
      • Capability inventory: The agent is authorized to write reusable analysis code in src/, execute CLI tools, and update project-persistent knowledge bases in wiki/ and docs/ according to SKILL.md and references/output-contracts.md.
      • Sanitization: There are no defined procedures for sanitizing, validating, or escaping content from external sources before it influences code generation or documentation updates.
Audit Metadata
Risk Level: SAFE
Analyzed: May 20, 2026, 09:06 AM