Research Ideation
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFENO_CODE
Full Analysis
- Indirect Prompt Injection (LOW): The skill defines a workflow where the agent ingests untrusted data from the web and PDF files, creating a surface for potential injection. * Ingestion points: WebSearch results and PDF full-text via the get_item_fulltext tool. * Boundary markers: The skill does not instruct the agent to use specific delimiters or protective wrappers when processing retrieved external content. * Capability inventory: The agent has access to WebSearch and Zotero library management tools. * Sanitization: No explicit sanitization or validation of external content is defined.
- Code Analysis (SAFE): The skill consists exclusively of Markdown documentation; no executable scripts, binaries, or configuration files for package managers were detected.
- Metadata Analysis (SAFE): No deceptive metadata, prompt overrides, or obfuscated instructions were found.
Audit Metadata