grant
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [Prompt Injection] (SAFE): No malicious instructions, jailbreak attempts, or system prompt extraction patterns were detected. The skill's instructions are limited to providing academic writing assistance.
- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials, sensitive file paths, or network operations (such as curl or wget) were found.
- [Remote Code Execution] (SAFE): No package installations or remote script execution patterns were detected. The skill does not include any scripts or executable files.
- [Indirect Prompt Injection] (LOW): The skill ingests user-provided research ideas via the $ARGUMENTS placeholder. While this represents an untrusted data entry point, the skill possesses no dangerous capabilities (e.g., shell access, file-writing, or network calls) that could be leveraged by an attacker. Evidence: 1. Ingestion points: $ARGUMENTS in SKILL.md. 2. Boundary markers: Absent. 3. Capability inventory: None identified. 4. Sanitization: Absent.
Audit Metadata