journal-target
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFE
Full Analysis
- Indirect Prompt Injection (LOW): The skill possesses a surface for indirect prompt injection as it processes untrusted external data from user-provided papers and journal websites.
- Ingestion points: The skill uses
Readto ingest paper content andWebFetchto retrieve information from external journal websites. - Boundary markers: No specific delimiters or instructions to ignore embedded commands are present in the prompt structure.
- Capability inventory: The skill utilizes
WebSearch,WebFetch, and file systemRead/Grep/Globtools. - Sanitization: There is no explicit sanitization or filtering of the ingested content before it is processed by the LLM.
- External Downloads (SAFE): While the skill uses
WebFetchto gather journal data, it does not download executable code or packages; it only retrieves information for analysis purposes. - Data Exposure & Exfiltration (SAFE): The skill accesses local files via
Readto analyze manuscripts, but there are no instructions or tools configured to exfiltrate this data to unauthorized third-party servers.
Audit Metadata