Real Literature Trace

Pass

Audited by Gen Agent Trust Hub on Mar 19, 2026

Risk Level: SAFE, NO_CODE
Full Analysis
  • [SAFE]: The skill provides a legitimate and well-structured workflow for assisting users with academic literature reviews. It explicitly instructs the agent to avoid fabricating data (DOIs, links) and emphasizes verification through official sources like CNKI and publisher pages.
  • [NO_CODE]: While the skill metadata specifies 'bash' as a tool, no actual script files or executable commands are included in the skill package. The logic is entirely described in natural language instructions for the agent to follow.
  • [PROMPT_INJECTION]: The skill facilitates the ingestion of external data (academic papers and metadata), which is a common surface for indirect prompt injection.
      • Ingestion points: Data is retrieved from external sources such as Google Scholar, CNKI, and publisher websites (SKILL.md).
      • Boundary markers: Absent; there are no specific instructions to use delimiters or ignore instructions found within the retrieved text.
      • Capability inventory: The skill configuration includes access to the 'bash' tool, providing a potential execution environment (SKILL.md).
      • Sanitization: Absent; the instructions do not include steps to sanitize or filter the content of retrieved abstracts or titles before processing.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 19, 2026, 07:15 AM