scientific-validation
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFE
PROMPT_INJECTION
COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection vulnerability surface.
  - Ingestion points: The skill is designed to read and analyze external claims from books, papers, or theories using the Read, Grep, and Glob tools (SKILL.md).
  - Boundary markers: No specific delimiters or instructions to ignore embedded commands are present to isolate untrusted data.
  - Capability inventory: The skill has access to Bash and Write tools to perform calculations and document results (SKILL.md).
  - Sanitization: There is no documented logic for sanitizing or escaping the content of the external documents before processing.
- [COMMAND_EXECUTION]: The skill explicitly requests the Bash tool and includes Python code snippets (e.g., using statsmodels) for execution. This creates a potential execution vector if the agent is manipulated by malicious content within an analyzed document.
Audit Metadata