Skills
skills/a-green-hand-jack/ml-research-skills/reference-project-synthesizer/Gen Agent Trust Hub

reference-project-synthesizer

Pass

Audited by Gen Agent Trust Hub on May 10, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: Indirect Prompt Injection Surface.
  • Ingestion points: The skill reads 'paper cards' from the reference/cards/ directory (SKILL.md). These cards contain information extracted from external academic papers, which are untrusted third-party sources.
  • Boundary markers: The instructions do not define any specific delimiters or 'ignore' instructions to prevent the agent from treating data within a paper card as active instructions.
  • Capability inventory: The skill has access to the Bash tool and is instructed to write conclusions to project memory and code-related planning files like code/.agent/benchmark-plan.md (SKILL.md, Step 5).
  • Sanitization: There is no mention of sanitizing or validating the content of the paper cards before they are used to influence the agent's logic or project updates.
Audit Metadata
Risk Level
SAFE
Analyzed
May 10, 2026, 08:33 AM