Skills
skills/liangdabiao/claude-code-deep-research-main/citation-validator/Gen Agent Trust Hub

citation-validator

Pass

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted research reports and fetches external data from the web using WebFetch.
  • Ingestion points: Untrusted data enters the agent context through user-provided research content and external web sources fetched during the validation process (specified in SKILL.md and instructions.md).
  • Boundary markers: The instructions lack explicit delimiters or specific 'ignore embedded instructions' warnings for the data being analyzed, which could lead the agent to follow instructions contained within the research reports or websites.
  • Capability inventory: The skill utilizes WebSearch, WebFetch, and file Read/Write operations; it does not include dangerous capabilities like arbitrary command execution or dynamic code evaluation.
  • Sanitization: There is no evidence of sanitization or filtering applied to external content before it is processed by the validator.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 18, 2026, 02:53 AM