test-json-sql-semantic-scholar
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFE
Full Analysis
- Indirect Prompt Injection (LOW): The skill ingests untrusted metadata from an external research API.\n
- Ingestion points: External data is retrieved via the 'semantic-scholar' tool in plan.json.\n
- Boundary markers: None. The plan does not include markers to distinguish between instructions and data.\n
- Capability inventory: Limited to internal data processing (project, sort, pluck) and outputting text (say). No access to sensitive files or execution environments is provided.\n
- Sanitization: None. Data from the API is used directly in output messages.
Audit Metadata