academic-search

Pass

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection through its document analysis features.
  • Ingestion points: Untrusted data enters the agent context when users share academic papers or abstracts for analysis, utilizing the extract_text_from_pdf tool defined in the MCP server configuration.
  • Boundary markers: The skill definition lacks specific delimiters or system instructions designed to prevent the model from executing commands that might be hidden within the text of an academic paper.
  • Capability inventory: The skill includes tools for file reading (extract_text_from_pdf) and file generation (create_docx).
  • Sanitization: There is no evidence of text sanitization or verification of external content before it is processed by the agent.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 9, 2026, 08:20 AM