validate-bib
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by ingesting untrusted data from document files.
- Ingestion points: Document files (.tex, .qmd, .typ) and bibliography files are read at runtime.
- Boundary markers: There are no instructions to the agent to treat document content as untrusted or to ignore embedded instructions.
- Capability inventory: The skill uses Read, Grep, and Glob tools, which are read-only but could be used to extract information if the agent is manipulated.
- Sanitization: No content validation or sanitization is performed on the data read from files.
Audit Metadata