citation-validator
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- PROMPT_INJECTION (LOW): Indirect Prompt Injection Surface. The skill is designed to process external research content and fetch data from arbitrary web sources, which may contain hidden instructions. Ingestion points: Research content ingestion (Step 1) and external source retrieval via 'WebFetch' (Step 5). Boundary markers: Absent; there are no specific delimiters or instructions to ignore embedded commands within the fetched content. Capability inventory: The skill uses 'Read/Write' tools to modify the file system and 'WebSearch'/'WebFetch' for network operations. Sanitization: Absent; the skill does not specify any validation or filtering of fetched data before processing.
- NO_CODE (SAFE): The skill is composed entirely of markdown instructions and does not include any executable scripts, binaries, or package dependencies.
Audit Metadata