deep-learning-experiment-workflow-skill
Pass
Audited by Gen Agent Trust Hub on Mar 27, 2026
Risk Level: SAFE
Tags: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The workflow directs the agent to execute shell commands and scripts for git operations, data probes, and training/evaluation entrypoints throughout the lifecycle (specifically documented in stages/00-bootstrap/bootstrap-checklist.md, stages/01-investigation/investigation-guide.md, and stages/04-implementation/implementation-template.md).
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by requiring the ingestion of untrusted external data.
  - Ingestion points: The agent is directed to read external URLs, open-source repositories, and research papers, as noted in stages/01-investigation/investigation-guide.md.
  - Boundary markers: The templates and guides do not include explicit instructions or markers to delimit external content or to warn the agent to disregard instructions embedded in those sources.
  - Capability inventory: The agent possesses capabilities to execute shell commands and modify the local filesystem across several stages, including stages/01-investigation/investigation-guide.md and stages/04-implementation/implementation-template.md.
  - Sanitization: There is no mention of sanitizing or validating external content before it is processed by the agent.
Audit Metadata