paper-claim-audit

Pass

Audited by Gen Agent Trust Hub on May 13, 2026

Risk Level: SAFE
Finding tags: PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through the data files it is designed to analyze.
      • Ingestion points: The skill reads contents from .tex source files and raw results in .json, .csv, .tsv, and .yaml formats from the local filesystem (e.g., paper/ and results/ directories).
      • Boundary markers: The prompt used for the gpt-5.4 reviewer lacks explicit boundary markers or instructions to treat the ingested file content as untrusted data, increasing the risk that embedded instructions within a paper or data file could influence the audit outcome.
      • Capability inventory: The skill utilizes Bash(*), Read, Write, Edit, and mcp__codex__codex. The resulting audit report (PAPER_CLAIM_AUDIT.json) is designed to be consumed by other skills like auto-paper-improvement-loop, which may perform automated edits based on the audit findings.
      • Sanitization: The skill does not perform any sanitization, escaping, or validation of the file content before interpolating it into the reviewer prompt.
Audit Metadata
Risk Level: SAFE
Analyzed: May 13, 2026, 10:17 AM