literature-review
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Indirect Prompt Injection] (SAFE): The skill possesses an ingestion surface via the 'WebSearch' and 'WebFetch' tools, which process untrusted data from the internet. While this creates a potential surface for indirect prompt injection (e.g., hidden instructions in a web page or PDF), the skill includes specific principles for 'Source Verification' and 'Factual Integrity' that act as defensive guidelines. No exploitation was found. (Evidence: SKILL.md ingestion points: WebSearch, WebFetch; Capability inventory: Read, Grep, Glob.)
- [Data Exposure & Exfiltration] (SAFE): The skill uses file-system tools like 'Read', 'Grep', and 'Glob', but they are restricted by the prompt's context to academic synthesis. There are no attempts to access sensitive system paths (e.g., .ssh, .aws) or exfiltrate data to non-whitelisted domains.
- [Remote Code Execution] (SAFE): No patterns of remote code execution or unverifiable dependency installations were detected. The toolset is focused on information retrieval and text processing.
Audit Metadata