lit-review
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill uses 'WebSearch' and 'WebFetch' to retrieve research papers and data from external repositories and the internet to perform literature reviews.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection (Category 8) because it ingests untrusted data from external sources and local files that could contain hidden instructions intended to influence the agent's behavior.
  - Ingestion points: Files located in 'master_supporting_docs/supporting_papers/' and external content retrieved via the 'WebFetch' tool.
  - Boundary markers: None identified. The skill does not instruct the model to ignore potential commands embedded within the papers it reads.
  - Capability inventory: The skill has the ability to read and write files ('Read', 'Write', 'Grep', 'Glob') and access the network ('WebSearch', 'WebFetch').
  - Sanitization: No explicit sanitization or filtering of external content is performed before processing.
Audit Metadata