experiment-report-writer
Pass
Audited by Gen Agent Trust Hub on May 5, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: Uses the 'Bash' tool to run local commands such as 'git rev-parse' and 'find'. These are used to retrieve the current commit hash and locate experiment-related files (configs, logs, metrics) within the project directory. These operations are within the expected scope for generating reproducible reports.
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface. (1) Ingestion points: Reads .yaml, .json, .csv, and .md files identified via shell searches. (2) Boundary markers: No specific delimiters or safety instructions are used when interpolating file content into the report. (3) Capability inventory: The skill has 'Bash', 'Write', and 'Edit' permissions. (4) Sanitization: No sanitization of the input data is performed. This surface is necessary for the skill's primary purpose of report generation.
Audit Metadata