lit-review
Pass
Audited by Gen Agent Trust Hub on May 1, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill manages configuration and research files within user-defined paths (~/.config/lit-review/ and a user-specified base directory). This behavior is consistent with its stated purpose as a productivity tool.
- [COMMAND_EXECUTION]: The skill utilizes basic shell commands like mkdir to set up project structures. It also provides instructions for rendering documents using quarto and pdflatex, which are standard tools in academic workflows.
- [PROMPT_INJECTION]: The skill possesses an attack surface for indirect prompt injection because it processes external research documents and bibliographies to generate summaries and reviews.
- Ingestion points: The skill reads user-provided files such as paper drafts and BibTeX files during review setup and continuation.
- Boundary markers: No explicit markers or instructions to ignore embedded commands are present in the templates used to incorporate external data.
- Capability inventory: Subprocess capabilities include directory creation (mkdir) and instructions for document compilation (quarto render, pdflatex).
- Sanitization: The skill does not perform specific sanitization or escaping of the content extracted from source documents before placing it into output files.
Audit Metadata