camera-ready-finalizer
Pass
Audited by Gen Agent Trust Hub on May 14, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted external data (reviews, emails) which presents an indirect prompt injection surface. 1. Ingestion points: Reviewer comments, meta-reviews, and emails (SKILL.md, Step 1). 2. Boundary markers: Absent. 3. Capability inventory: Bash, Write, Edit, and WebFetch tools are available to the agent. 4. Sanitization: No sanitization or validation of the ingested external content is mentioned.
Audit Metadata