idea-generation
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFE
DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- Data Exposure & Exfiltration (LOW): The script `scripts/novelty_check.py` makes network requests to `api.semanticscholar.org`. While this is the intended purpose of the skill, the domain is not on the predefined trusted whitelist.
- Indirect Prompt Injection (LOW): The skill ingests untrusted text, such as research areas and idea descriptions, to drive its workflow.
  - Ingestion points: The `--idea` argument in `novelty_check.py` and the `$0` input in `SKILL.md`.
  - Boundary markers: Partially present in prompt templates in `references/ideation-prompts.md` (e.g., triple quotes), but missing for script command-line arguments.
  - Capability inventory: Performs network GET requests to the Semantic Scholar API and can write results to a local file via the `--output` flag.
  - Sanitization: Search queries are escaped using `urllib.parse.urlencode` to prevent URL injection.
Audit Metadata