paper-review
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION] (LOW): Indirect Prompt Injection vulnerability surface. ● Ingestion points: The prompt ingests external text from academic papers (Introduction, Overview, Background). ● Boundary markers: No explicit delimiters or boundary instructions are defined to separate untrusted paper content from the system prompt. ● Capability inventory: The skill is restricted to generating text output; no subprocess, file-write, or network capabilities are present. ● Sanitization: No instructions are provided to sanitize or filter LaTeX or text for malicious instructions.
- [NO_CODE] (SAFE): This skill contains no executable scripts or code files, consisting entirely of markdown instructions.
Audit Metadata