chemeagle-guide

Pass

Audited by Gen Agent Trust Hub on Apr 5, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill defines a pipeline for extracting data from external, untrusted literature, which creates a potential surface for indirect prompt injection attacks.
  • Ingestion points: Untrusted data enters the agent context via 'eagle.extract('paper.pdf')' and 'eagle.extract_batch(input_dir='...')' calls in SKILL.md.
  • Boundary markers: No delimiters or 'ignore instructions' warnings are mentioned in the guide for isolating untrusted paper content from agent instructions.
  • Capability inventory: The agent uses an LLM provider to process text and write results to a searchable database ('ReactionDatabase'), allowing external content to influence structured data or subsequent agent actions.
  • Sanitization: The guide does not specify sanitization or validation steps for the content extracted from scientific papers before it is processed by the model.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 5, 2026, 11:15 PM