stat-writing
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: Extensive analysis of the skill's code and logic revealed no malicious patterns or security vulnerabilities. The tool follows established security practices for local static analysis tools.
- [COMMAND_EXECUTION]: The script `scripts/audit_paper.py` invokes internal analysis scripts using `subprocess.run`. This process is securely implemented using explicit paths and the current Python executable, avoiding shell injection risks.
- [REMOTE_CODE_EXECUTION]: There are no network-based operations or external downloads. All executable logic is contained within the skill's distribution, precluding the risk of remote code injection.
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection as it processes user-provided manuscripts.
  - Ingestion points: Local file reading is performed in `scripts/check_tex.py` and `scripts/check_bib.py`.
  - Boundary markers: No specific delimiters are used to isolate ingested text from instructions during file processing.
  - Capability inventory: Capabilities are limited to local file system reads and execution of bundled Python scripts.
  - Sanitization: The skill employs regex-based heuristic analysis; while it does not perform sanitization of text ingested into the LLM context, the risk is mitigated by the tool's limited local scope.
Audit Metadata