Skills
skills/garrytan/gbrain/strategic-reading/Gen Agent Trust Hub

strategic-reading

Pass

Audited by Gen Agent Trust Hub on May 4, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill invokes the pdftotext utility to extract text from PDF documents during the ingestion phase (SKILL.md).
  • [EXTERNAL_DOWNLOADS]: The analysis process involves fetching articles from the web using the web_fetch tool (SKILL.md).
  • [PROMPT_INJECTION]: The skill possesses an attack surface for indirect prompt injection due to its processing of untrusted data from external sources.
  • Ingestion points: Untrusted data enters the agent context via EPUBs, PDFs, and web articles during the ingestion phase (SKILL.md).
  • Boundary markers: There are no explicit delimiters or instructions to the agent to ignore embedded commands within the processed source text.
  • Capability inventory: The skill is authorized to write files to the local filesystem (projects/, concepts/) and executes subprocesses like pdftotext (SKILL.md).
  • Sanitization: The skill's logic does not include sanitization, validation, or filtering of the content extracted from external documents before it is used for playbook generation.
Audit Metadata
Risk Level
SAFE
Analyzed
May 4, 2026, 07:01 AM