proofread
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill documentation in SKILL.md provides specific shell commands for the agent to execute when performing a Council proofread. It directs the agent to run uv run python -m cli_council using various file paths. While this is a documented feature for multi-model synthesis using the vendor's own packages, the execution of shell commands increases the risk of command manipulation if the agent is influenced by malicious input.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes user-provided LaTeX source code and log files.
  * Ingestion points: The skill uses Read, Glob, and Grep tools to access all .tex and .log files in a project directory.
  * Boundary markers: No delimiters or ignore instructions are specified to separate untrusted document content from the agent's analytical instructions.
  * Capability inventory: The skill has permissions for file system access and the ability to execute shell commands via the council CLI.
  * Sanitization: There is no evidence of content sanitization or validation before the LaTeX data is included in prompts for the agent or passed to the external CLI tool.
Audit Metadata