word-document
Pass
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses shell commands like
cat,mkdir, andpandocto assemble and convert manuscript files. It also utilizesRscriptfor processing CSV data into tables. - [EXTERNAL_DOWNLOADS]: Mentions downloading the Pandoc utility from its official GitHub repository, which is a well-known and trusted source.
- [PROMPT_INJECTION]: Contains a surface for indirect prompt injection (Category 8) by processing external manuscript files.
- Ingestion points: Reads various markdown files (Abstract, Introduction, etc.) and CSV data from the local directory
meta_analysis/bulk3/manuscript/. - Boundary markers: Absent; files are concatenated directly without delimiters or instruction-ignore warnings.
- Capability inventory: Includes shell command execution and R script execution.
- Sanitization: None; the skill assumes the content of the manuscript files is safe and does not perform validation before passing it to tools like Pandoc or Rscript.
Audit Metadata