paper-analysis
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection.
  - Ingestion points: The agent is instructed to fetch and analyze information from external sources, including PDF URLs, GitHub repositories (READMEs, code, issues), Hugging Face pages, and social media posts (Twitter/X).
  - Boundary markers: The skill gives no explicit instruction to delimit fetched research content from the system prompt, or to ignore instructions embedded in that content.
  - Capability inventory: The skill leverages the agent's ability to search and synthesize technical content into detailed reports.
  - Sanitization: No input validation or content filtering is specified to mitigate instructions that may be hidden in the analyzed documents or repositories.