Skills
skills/a-green-hand-jack/ml-research-skills/submit-paper/Gen Agent Trust Hub

submit-paper

Pass

Audited by Gen Agent Trust Hub on May 5, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill creates an indirect prompt injection surface because it processes and displays the contents of untrusted LaTeX source files (e.g., TODO comments, abstract text). If these files contain malicious instructions, they could influence the agent during the analysis phase.
  • Ingestion points: LaTeX source files (.tex, .bib) and the project directory structure.
  • Boundary markers: No specific delimiters or "ignore" instructions are used when presenting extracted text from files to the agent.
  • Capability inventory: The skill utilizes Read, Edit, and Bash tools, allowing it to modify files and execute shell commands.
  • Sanitization: No sanitization or filtering is performed on the content extracted from processed documents beyond basic word-count stripping.
  • [COMMAND_EXECUTION]: The skill executes a local bash script (scripts/check.sh) to perform static analysis. The script is well-structured, follows security best practices (e.g., using set -euo pipefail and mktemp), and performs only diagnostic checks on the project files.
Audit Metadata
Risk Level
SAFE
Analyzed
May 5, 2026, 12:40 PM