learning-literature-review
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill ingests and processes literature data which could contain malicious hidden instructions.
- Ingestion points: The
input_datadictionary inskill.pyis the primary entry point for untrusted external content. - Boundary markers: There are no delimiters or explicit instructions provided to the underlying model to ignore instructions embedded within the research data.
- Capability inventory: The skill is capable of generating reports and identifying insights; while system-level access is limited in the provided snippet, the logic relies on a local framework.
- Sanitization: No input validation or escaping mechanisms are applied to the
input_databefore use.\n- [Code Quality] (SAFE): The variableskill_dirused in theexecutemethod inskill.pyis not defined within the function or imported, which will result in aNameErrorduring execution.
Audit Metadata