Skills
skills/findinfinitelabs/chuuk/bible-epub-processing/Gen Agent Trust Hub

bible-epub-processing

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill contains a vulnerability surface for indirect prompt injection by interpolating unvalidated text from external EPUB files into training prompts.
  • Ingestion points: The NWTEpubParser class reads XHTML content from files located in the data/bible/ directory.
  • Boundary markers: The export_jsonl method in ParallelCorpusBuilder lacks isolation markers or explicit instructions to the model to ignore embedded commands within the interpolated {pair['chuukese']} content.
  • Capability inventory: The skill possesses file-write capabilities via open().write() and directory management via os.makedirs, but no high-risk capabilities like eval() or subprocess calls are present.
  • Sanitization: While the code uses BeautifulSoup and regex to strip HTML tags and metadata, it does not sanitize the text for potentially malicious natural language instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 1, 2026, 01:10 AM