competitive-analysis
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The
scripts/generate_pdf.pyscript utilizes thesubprocessmodule to execute system-level commands, specificallypandocandxelatex, to convert Markdown files into PDF documents. - [COMMAND_EXECUTION]: The
SKILL.mdfile includes a Bash command instruction that targets a script located in a separate skill's directory (.claude/skills/project-diagrams/scripts/generate_schematic.py), creating a cross-skill execution dependency. - [EXTERNAL_DOWNLOADS]: The
scripts/verify_citations.pyscript fetches scholarly metadata from the CrossRef API anddoi.org, which are well-known services for bibliographic data. - [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it is designed to ingest and process untrusted data from the web and external APIs.
- Ingestion points: Data enters the context through web search results via
WebSearch, fetched web pages viaWebFetch, and bibliographic metadata from the CrossRef API inscripts/verify_citations.py. - Boundary markers: The skill does not implement explicit delimiters or instructions to the agent to disregard embedded directions in the retrieved content.
- Capability inventory: The skill has access to several powerful tools including
Bash,Write, andWebFetch. - Sanitization: There is no evidence of robust sanitization or validation of the external content before it is processed or used in document generation operations.
Audit Metadata