scientific-writing
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted research artifacts, notes, and bibliography files as part of its manuscript preparation workflow.\n
- Ingestion points: Artifact bundle collection in 'references/workflow.md' and manuscript inventory in 'SKILL.md'.\n
- Boundary markers: Absent; there are no explicit delimiters or instructions to ignore embedded commands within user-provided artifacts.\n
- Capability inventory: The skill possesses capabilities for text generation across multiple agent roles (Planner, Writer, Reviewer) and can perform network lookups via the Crossref tool.\n
- Sanitization: No sanitization or validation of artifact content is performed prior to processing in the pipeline, allowing potential instructions in artifacts to influence the agent roles.\n- [DATA_EXFILTRATION]: The Python utility 'scripts/crossref_validator.py' performs network requests to 'https://api.crossref.org'.\n
- Evidence: The script uses the 'requests' library to query scholarly metadata for DOIs and titles.\n
- Context: This communication targets a well-known academic service and is consistent with the skill's primary function of citation validation.
Audit Metadata